d0490f4065320f56da2dfe4817082b6c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0490f4065320f56da2dfe4817082b6c_JaffaCakes118
Size

183KB
MD5

d0490f4065320f56da2dfe4817082b6c
SHA1

3c4805b74ed3c966ab5c46491defbf5f20f9ba49
SHA256

8c8eec62c5c518bf30c7519f8231b1b857178a6a01889705fb9c42e46f8b30ea
SHA512

054677aa39bfaa0a290ed6ce6a50780d6d211d77154903a42469b4171c77fb674421945a230df0f9d5f33ee8ee157e1d5df4b01d0b5be428ae7191769499b026
SSDEEP

3072:xf1sGD6AHUL61pfF2iJPe+WHaL6jRhA+Po7wTmGRS2ZLI+M7U:xf15bi6LFjJPe+WHaL6vAxtG9ZLIhQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0490f4065320f56da2dfe4817082b6c_JaffaCakes118

Files

d0490f4065320f56da2dfe4817082b6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d736668586d9a6f97ee443322d5d48c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateBitmapFromStreamICM
GdipFree
GdipAlloc
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdipGetImageThumbnail
GdipCreateBitmapFromStream
GdipDisposeImage
GdiplusStartup
GdipCloneImage

user32

GetQueueStatus
SetParent
GetDC
GetWindowRect
ReleaseDC
wvsprintfW
PostThreadMessageW
TranslateMessage
SetTimer
IsWindowVisible
wsprintfW
UnregisterClassW
EnableWindow
UnregisterClassA
PeekMessageW
KillTimer
RegisterWindowMessageW
DispatchMessageW
MsgWaitForMultipleObjects

kernel32

Sleep
GetLastError
lstrcmpiW
WaitForMultipleObjects
ResetEvent
lstrcpyW
DosPathToSessionPathW
LocalAlloc
GetSystemInfo
GlobalLock
DeleteCriticalSection
ProcessIdToSessionId
GetCurrentProcessId
GetCurrentThread
lstrcpynW
GetLocaleInfoA
CreateEventW
LocalFree
SetEvent
OutputDebugStringW
LeaveCriticalSection
LoadLibraryW
InterlockedDecrement
GetProcessId
InterlockedIncrement
GetSystemTimeAsFileTime
EnumResourceTypesA
DisableThreadLibraryCalls
InterlockedExchange
GetTickCount
GetVersionExW
lstrlenW
CreateThread
WaitForSingleObject
GlobalReAlloc
GetModuleFileNameW
EnterCriticalSection
CreateSemaphoreW
WriteFile
CreateFileW
FreeLibrary
ReleaseSemaphore
ExitProcess
InitializeCriticalSection
GetACP
GetCurrentProcess
GetModuleHandleW
MultiByteToWideChar
GlobalUnlock
VirtualAlloc
lstrlenA
QueryPerformanceCounter
GetThreadPriority
lstrcmpW
GetThreadLocale
CloseHandle
GetCurrentThreadId
GlobalFree
RaiseException
VirtualFree
DuplicateHandle
SetThreadPriority
GlobalAlloc
GetProcAddress
GetVersionExA
GetModuleFileNameA

gdi32

GetDIBits
GetStockObject
CreateDIBSection
GetObjectW
SelectObject
RealizePalette
StretchDIBits
SelectPalette
SetStretchBltMode
CreateCompatibleDC
BitBlt

winmm

mixerSetControlDetails
mixerGetLineInfoW
mixerGetControlDetailsW
timeSetEvent
mixerGetLineControlsW
mixerClose
timeGetTime
waveInGetDevCapsW
mixerGetNumDevs
mixerOpen
waveInGetNumDevs
mixerGetDevCapsW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d736668586d9a6f97ee443322d5d48c

Headers

File Characteristics

Imports

gdiplus

user32

kernel32

gdi32

winmm

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 112KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 112KB