dc2b9cc20fb97f712aeb6efb43d3692a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc2b9cc20fb97f712aeb6efb43d3692a_JaffaCakes118
Size

36KB
MD5

dc2b9cc20fb97f712aeb6efb43d3692a
SHA1

02f52430e4a8fb3b0828f7d5b325e5c16a45f93b
SHA256

ff27c922336725db15209028f7a09a96b3c5b9a0aab1b411f5917e88dad3c735
SHA512

75c12a7f533c72611ef3a14a5b2d9f6e225859acb45c7e887782d9bb4ced59da7e3ada12c504055a8397d3d78eb023d2e7e34c11d933de09d68057a5428418ff
SSDEEP

768:T6aZC+LlkllNq5IxjiZ4CFgHdUegInJj/7eG5KXgFmEx:eagqI3BO+VH5gIJjTe0KXgIEx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc2b9cc20fb97f712aeb6efb43d3692a_JaffaCakes118

Files

dc2b9cc20fb97f712aeb6efb43d3692a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2e38c4509981b66ed6120e70ba1dcf3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

comclust.pdb

Imports

user32

MessageBoxW
wsprintfW
LoadStringW

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetWindowsDirectoryW
lstrcpyW
GetConsoleOutputCP
FormatMessageW
GetStdHandle
LoadLibraryA
SetThreadUILanguage
WriteConsoleW
GetLastError
lstrcmpiW
CreateProcessW
GetCurrentProcess

advapi32

RegCloseKey
RegOpenKeyExW

mfc42u

ord823
ord825

msvcrt

__set_app_type
_except_handler3
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
_cexit
_XcptFilter
_exit
_c_exit
swprintf
_wsetlocale
exit
_vsnwprintf
wcslen
_vsnprintf
printf
_snwprintf

mtxclu

MtxCluIsClusterPresentExW

comres

COMResModuleInstance

clusapi

OpenCluster
ClusterEnum
OpenClusterResource
ClusterResourceControl
CloseClusterResource
CloseCluster
ClusterCloseEnum
ClusterOpenEnum

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bhjljhw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e38c4509981b66ed6120e70ba1dcf3e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

advapi32

mfc42u

msvcrt

mtxclu

comres

clusapi

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 28KB - Virtual size: 29KB

bhjljhw Size: - Virtual size: 4KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 28KB - Virtual size: 29KB

bhjljhw
Size: - Virtual size: 4KB