d38856a1802af48654acfc7a9accaff1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d38856a1802af48654acfc7a9accaff1_JaffaCakes118
Size

184KB
MD5

d38856a1802af48654acfc7a9accaff1
SHA1

15fa3643b8d2e96014dec65afc1c3ee3488addd4
SHA256

7ba84eca334ea1368df114696ebfdeb9e0c44ec914137325cf753a289fdc449a
SHA512

2d80557160524c54afd5370dfd9a04b1a450ed4f4da863d1e8408379032793627cb7d6c2a261ddc23bbd4f3424bfcd78708bad51774b8ded558a6cc0ad6eee90
SSDEEP

3072:VsLG7P6xExFlsJHId6XOP3ngFc06ELq+SNr93aT7QUjtY+bVl48:aLw6yl406XOPXgFcyZSN0T7QUjzZlX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d38856a1802af48654acfc7a9accaff1_JaffaCakes118

Files

d38856a1802af48654acfc7a9accaff1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

43780ae51a706387e663a8cf9c2f6846

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesExA
GetTextExtentPoint32A
Escape
MoveToEx
GetFontData
CreateBitmap
RestoreDC
GetViewportOrgEx
ExcludeClipRect
GetBkColor
CreateRectRgnIndirect
UnrealizeObject
RectVisible
GetPixel
SetBkMode
PlayEnhMetaFileRecord
GetSystemPaletteUse
BitBlt
PlayMetaFileRecord
GetTextMetricsA

dpnlgr10

_FInf
_FSinh
_LInf
_LDscale
_FDtest
_FDscale
_FNan
_Eps
_FDnorm
_FSnan
_Toupper
_LNan

ole32

OleDuplicateData
StringFromGUID2
StringFromCLSID
CreateILockBytesOnHGlobal
WriteClassStg
OleRegGetUserType
ReleaseStgMedium
WriteClassStm
ReadFmtUserTypeStg
OleDestroyMenuDescriptor
OleUninitialize
CoGetMalloc
OleCreateFromData
CoRevokeClassObject

user32

GetWindow
DrawIcon
GetWindowThreadProcessId
ShowWindow
PostMessageW
CreateMDIWindowA
MapDialogRect
CreateCaret
DrawEdge
SetCaretPos
SetParent
SetCursor
ChangeClipboardChain
ShowCursor
DrawFocusRect
DrawIconEx
SetClipboardViewer
LoadIconA
IsWindowVisible
SetScrollRange
EnumDisplaySettingsA
RegisterClassExA
ScrollDC
GetClassNameA
CreateMenu
WindowFromPoint
DefWindowProcA

kernel32

GetStartupInfoA
InterlockedDecrement
VirtualFree
GetLogicalDrives
GlobalAlloc
CloseHandle
SetPriorityClass
GetStdHandle
GetCommandLineA
GetSystemDefaultLCID
GetModuleHandleA
GetTempPathA
ExitProcess
InitializeCriticalSection
OutputDebugStringW
GetModuleFileNameW
Sleep
SetHandleCount
GetSystemTime
MulDiv
GetStringTypeA
GetFileSize
SetUnhandledExceptionFilter
GetThreadLocale
GetStringTypeW
GetSystemDefaultLangID
GetLocaleInfoW
Beep
GlobalLock
VirtualFree
SetFilePointer
CreateProcessW
LCMapStringW
SizeofResource
CompareFileTime
GlobalUnlock

ntdll

NtQueryInformationFile
NtReadFile
RtlAddAce
NtProtectVirtualMemory
ZwSetEvent
RtlFreeUnicodeString
NtSuspendThread
ZwCreateTimer
RtlExitUserThread

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43780ae51a706387e663a8cf9c2f6846

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

dpnlgr10

ole32

user32

kernel32

ntdll

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 168KB - Virtual size: 172KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 168KB - Virtual size: 172KB