c83d3afb80b474717c20d35d1a3a317c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c83d3afb80b474717c20d35d1a3a317c_JaffaCakes118
Size

17KB
MD5

c83d3afb80b474717c20d35d1a3a317c
SHA1

2c93cd0de43102573298811fba84d5e2adaf5cba
SHA256

8091b0285646249b8ece61696e8c465d03217c68dcecc4bbb6ad890c9b1df6dd
SHA512

0b20943b91a294079cf15974fbd2b4e364034a7730009ad63480ff8649b735a89d07cd6153e6caf72e1de8278545e058366e693f618c83bdd2b7ba0457039606
SSDEEP

384:Xst+xpmV1wJWRZ1RxOUd0zuioEar0stB8J2vPONG:XsQLiZ1RxzioEar06a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c83d3afb80b474717c20d35d1a3a317c_JaffaCakes118

Files

c83d3afb80b474717c20d35d1a3a317c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cca432923d387e0263f4275cead3e25f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetCurrentThreadId
GetModuleHandleW
MultiByteToWideChar
GetModuleHandleA
LoadLibraryA
GetCurrentThreadId
QueryPerformanceCounter
LeaveCriticalSection
CreateThread
HeapDestroy
lstrlenA
EnterCriticalSection
InitializeCriticalSection
lstrlenA
DeleteCriticalSection
GetVersionExA
LoadLibraryW
VirtualProtect
GetProcAddress
VirtualProtect
CreateFileW
InitializeCriticalSection
HeapFree
SetLastError
GetProcAddress
GetCurrentThreadId
lstrlenA
InitializeCriticalSection
VirtualProtect
LoadLibraryA
VirtualProtect
GetVersionExA
MultiByteToWideChar
InterlockedExchange
Sleep
EnterCriticalSection
HeapAlloc
InterlockedCompareExchange
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
VirtualProtect
InitializeCriticalSection
InterlockedDecrement
GetModuleFileNameA
HeapFree
InterlockedCompareExchange
HeapAlloc
LocalFree
GetCurrentProcess
EnterCriticalSection
FreeLibrary

gdi32

SetBkColor
GetBkColor
GetCurrentObject
CreateBitmapIndirect
CombineRgn
CombineRgn
CreateSolidBrush
CombineRgn
GetWindowOrgEx
CreateRectRgn
GetBkColor
SetBrushOrgEx
CreatePen
CreateBitmap
LineTo
CreateFontIndirectA
CreateBitmapIndirect
GetWindowExtEx
GetCurrentObject
BitBlt
BitBlt
SetWindowExtEx
SetPixel
CombineRgn
CreateBitmap
GetCurrentObject
SetBkMode
Polygon
SetTextColor
SetTextColor
GetBrushOrgEx
GetWindowExtEx
GetWindowExtEx
CreatePen
Rectangle
PatBlt
BitBlt
SetBrushOrgEx
CreateDIBitmap
Ellipse
SetBkMode
SetPixel
GetPixel
CreateDIBitmap
GetBkColor
CreateBitmapIndirect
CreatePen
GetBkMode
GetWindowOrgEx
CreateSolidBrush
GetCurrentObject

Sections

.text
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cca432923d387e0263f4275cead3e25f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 12KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB