c576466a700a81cac0f410264b839492_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c576466a700a81cac0f410264b839492_JaffaCakes118
Size

354KB
MD5

c576466a700a81cac0f410264b839492
SHA1

1bc948a6434cff9550c3fe77fdd957ca3e574754
SHA256

37d4daac17d9e9365e397eb46b67295a50c7d4b3bbe192d9a0c7597aa36976b4
SHA512

b8318ff343e5cd0db86ec4e1f1a15a01487b3b4294fcd6530b9262282f600cccc0aa3e19868ae7cb9b8577639618137d7cf7534f5cad0a8447c3be93bdec748d
SSDEEP

6144:AqWDvVSodrR2sNoBEGrEXP1SDKTpG3z0Re4eGKZsilysSlwZu:0VPKrSPJTpzPe7Flydlw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c576466a700a81cac0f410264b839492_JaffaCakes118

Files

c576466a700a81cac0f410264b839492_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c7321402ba182297a796a625c4a28a38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumDisplayMonitors
GetDCEx
ReplyMessage
ClientToScreen

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
CoTreatAsClass
CoTaskMemRealloc
OleDuplicateData
CoTaskMemAlloc

kernel32

FlsSetValue
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
GetCommandLineA
GetLastError
SetLastError
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
RaiseException
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
Sleep
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW
LoadLibraryW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
SetFilePointer
FindClose
LoadLibraryA
CompareStringA
GetFileAttributesA
CreateThread
VirtualAlloc

gdi32

PolylineTo
BitBlt
SetArcDirection
Polyline

oleaut32

SafeArrayAllocDescriptor

advapi32

GetTraceEnableLevel
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableFlags

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7321402ba182297a796a625c4a28a38

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

kernel32

gdi32

oleaut32

advapi32

Sections

.text Size: 149KB - Virtual size: 149KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 157KB - Virtual size: 156KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 149KB - Virtual size: 149KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 157KB - Virtual size: 156KB

.reloc
Size: 18KB - Virtual size: 18KB