f0b4635294807ccd16b29b245e32da22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0b4635294807ccd16b29b245e32da22_JaffaCakes118
Size

171KB
MD5

f0b4635294807ccd16b29b245e32da22
SHA1

51c931191703dc31b53320d17a82d497081d1c59
SHA256

d90a8433671c9c6fe95b3bca1d4318c3e621fd5cdc17e4e871b6c7b52174b4d2
SHA512

061fb8bb73242450860546980a55796be7a01e4ac141cdca279136a15334240df1507237fa46187381b7d636b5bae15c6ff09f6129f897cefba0dfa15a6f70da
SSDEEP

3072:MqJLSacIj7X069wtcNbfNOsYzclheRfhmibfRsZ16MkT:zJMIj7k6OtcNxOvzclheDmibfqZJkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0b4635294807ccd16b29b245e32da22_JaffaCakes118

Files

f0b4635294807ccd16b29b245e32da22_JaffaCakes118
.exe windows:5 windows x86 arch:x86

98d513c8d9a2723a6e75b8badf2c221c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetModuleHandleA
GetProcAddress
CloseHandle
LoadLibraryA
InterlockedDecrement
GetModuleHandleW
GetFileAttributesW
InitializeCriticalSection
ExpandEnvironmentStringsW
GlobalLock
TerminateProcess
LocalAlloc
CreateDirectoryW
GetLastError
lstrcmpiW
GlobalFree
InterlockedIncrement
GlobalAlloc
GetCurrentProcess
GetVersion
GetModuleFileNameW
GetTickCount
FormatMessageW
GlobalUnlock
CreateFileW
SetUnhandledExceptionFilter
LocalFree
GetFileAttributesExW
GetCurrentThreadId
SetLastError
lstrlenW
VirtualAlloc
GetCurrentProcessId
OutputDebugStringA
LoadLibraryW
WritePrivateProfileStringW
GetPrivateProfileSectionNamesW
WriteFile
Sleep
GetSystemTimeAsFileTime
UnhandledExceptionFilter
WritePrivateProfileSectionW
DeleteCriticalSection
GetPrivateProfileSectionW
GetPrivateProfileStringW

msvcrt

_adjust_fdiv
wcslen
_purecall
free
__CxxFrameHandler
_vsnwprintf
_wcsnicmp
wcscmp
wcsstr
_initterm
_except_handler3
wcschr
swscanf
__dllonexit
wcsrchr
malloc
__RTDynamicCast
_onexit
_wcsicmp

atl

AtlModuleGetClassObject

mpr

WNetGetUniversalNameW

shlwapi

PathCompactPathW
PathIsUNCW

avifil32

EditStreamSetInfoA

ole32

ReleaseStgMedium
CoSetProxyBlanket
CreateStreamOnHGlobal
CoGetMalloc
CoGetInterceptor
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
StringFromCLSID
CoCreateInstance

user32

GetWindowRect
ScreenToClient
WinHelpW
LoadBitmapW
CallNextHookEx
EnableWindow
LoadStringW
RegisterClipboardFormatW
SetParent
SendMessageW
LoadCursorW
MessageBeep
UnhookWindowsHookEx
SetWindowsHookExW
IsWindowVisible
MessageBoxW
SetCursor
GetParent
GetClientRect

shell32

SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW

ntdll

RtlAllocateAndInitializeSid
RtlFreeUnicodeString
RtlUnicodeStringToInteger
RtlConvertSidToUnicodeString

Sections

.text
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98d513c8d9a2723a6e75b8badf2c221c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

atl

mpr

shlwapi

avifil32

ole32

user32

shell32

ntdll

Sections

.text Size: 512B - Virtual size: 416B

.rdata Size: 134KB - Virtual size: 134KB

.data Size: 15KB - Virtual size: 848KB

.rsrc Size: 16KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 512B - Virtual size: 416B

.rdata
Size: 134KB - Virtual size: 134KB

.data
Size: 15KB - Virtual size: 848KB

.rsrc
Size: 16KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 28B