c2a5f635a48bbb0f030681e9b5b14c53_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c2a5f635a48bbb0f030681e9b5b14c53_JaffaCakes118
Size

194KB
MD5

c2a5f635a48bbb0f030681e9b5b14c53
SHA1

8f68730c5e7b11640067522e753b3442dff9575e
SHA256

7b6059cd810fa1f54a301061bb3f0fdb951446cd75a431cc972b1d4106e841ab
SHA512

4f39d026ec1161cb264ec50994a09365e7c09fed3b432b3a7f9009b0915a33527a259dc7543c02ef0bbdbe07e78b2784df65ba69c41075dd05a4d59027766af3
SSDEEP

3072:9jjD3KlIfTo1zcZjtVxAHGNljnck0Z48Mt5TmsvOY1FM5kaqUx5fNtd60I0:lhT2zcZjimNik0ZlMvfcqUzY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a5f635a48bbb0f030681e9b5b14c53_JaffaCakes118

Files

c2a5f635a48bbb0f030681e9b5b14c53_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aea11e2fb6c0d446d8a4b5248d4a0e5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleSetMenuDescriptor
CreateILockBytesOnHGlobal
OleCreateLinkFromData
OleCreateFromData
WriteFmtUserTypeStg
GetRunningObjectTable
ReleaseStgMedium
OleRegGetUserType
OleCreateLinkToFile
MkParseDisplayName
StgCreateDocfile
CreateBindCtx
OleIsCurrentClipboard
ReadFmtUserTypeStg
OleCreateLink
OleInitialize

gdi32

CreatePalette
LPtoDP
SelectPalette
UnrealizeObject
GetTextAlign
OffsetWindowOrgEx
CreateDIBPatternBrushPt
UpdateColors
GetSystemPaletteEntries
LineTo
ExcludeClipRect
GetEnhMetaFileBits
EnumMetaFile
GetStockObject
CreateFontIndirectA
SelectClipRgn
CreateDIBSection
GetObjectType
BitBlt
GetRgnBox
Polygon
DeleteObject
EnumFontFamiliesExA
CombineRgn

ntdll

ZwSetEvent
ZwCreateTimer
NtQueryInformationFile
NtProtectVirtualMemory
NtSuspendThread
NtQueryValueKey
NtQuerySection

advapi32

RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW

kernel32

GetSystemDefaultLCID
LoadLibraryA
GetTimeZoneInformation
QueryPerformanceFrequency
LockResource
WaitForMultipleObjects
CloseHandle
GetTempFileNameA
CloseHandle
FreeEnvironmentStringsA
ResetEvent
LoadLibraryExA
CompareFileTime
RtlUnwind
CreateEventA
MulDiv
lstrcmpW
GlobalAlloc
GlobalGetAtomNameW
GetFileSize
IsBadWritePtr
VirtualFree
GetCommandLineA
GetCurrentDirectoryW
GetSystemTime
lstrcatA
GetProcAddress
HeapAlloc
ResumeThread
DeleteCriticalSection
InterlockedDecrement
GetCurrentProcess
GlobalMemoryStatus
SetPriorityClass
HeapFree
GetModuleFileNameA
GetStringTypeW
Sleep

user32

ActivateKeyboardLayout
CreateMDIWindowW
IsChild
HideCaret
SetWindowTextA
GetNextDlgTabItem
FrameRect
CopyAcceleratorTableA
CopyRect
FindWindowA
MessageBoxA
SendMessageW
CreateWindowExA
IntersectRect
GetMenu
SetScrollPos
MapWindowPoints
SetWindowTextW
TranslateAcceleratorA
SetCapture
MessageBeep
CreateDialogIndirectParamW
CreateWindowExW
GetKeyState
SetScrollRange
CreateIcon
DefMDIChildProcA
WinHelpW
GetWindowRect
SetWindowLongA
IsWindowEnabled

iesepmsg

_Nan
_FSnan
_LEps
_FDenorm
_LDtest
_LDenorm
_FCosh
_Cosh
_Getcvt

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aea11e2fb6c0d446d8a4b5248d4a0e5f

Headers

DLL Characteristics

File Characteristics

Imports

ole32

gdi32

ntdll

advapi32

kernel32

user32

iesepmsg

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 169KB - Virtual size: 172KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 169KB - Virtual size: 172KB