f0d84724fea9ef6442c093dd8239120c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0d84724fea9ef6442c093dd8239120c_JaffaCakes118
Size

399KB
MD5

f0d84724fea9ef6442c093dd8239120c
SHA1

96fd173b0b12e284269fbc0c4570dbc38a0ca878
SHA256

1b90bf32ed30c05b4489b5583dad827f70e0344eaf32c0f219227bbaad0d8c87
SHA512

5bd8d9808fde13039a978a44fc1f0fa08775f846fd603373a3b5a0a2fce48b73d332d6eee877cd7d722a0150edb83e150c182ec8dd3571612a8325db1530730d
SSDEEP

6144:clBLtcZD11JPhKDVdgR6/jb4Uy81R2OhYOdp/OcPCE/otq8JsWKE/qnVOIM6g9Eq:clBLKKdgROzdRfaYp/YE/ZEicIDdq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0d84724fea9ef6442c093dd8239120c_JaffaCakes118

Files

f0d84724fea9ef6442c093dd8239120c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fae24da318d27676c3219fb54d7cf69d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCursor
GetWindowDC
GetDlgItem
InvalidateRect
BeginPaint
SetTimer
MessageBeep
TranslateAcceleratorW
FlashWindow
GetDlgItemInt
PostQuitMessage
DialogBoxParamW
SetWindowPos
RegisterClassW
LoadCursorW
MessageBoxW
WinHelpW
SetDlgItemInt
PostMessageW
GetDesktopWindow
GetSystemMetrics
SetWindowTextW
DispatchMessageW

kernel32

InterlockedPopEntrySList
SetThreadLocale
DeleteCriticalSection
TransactNamedPipe
GetThreadPriorityBoost
HeapFree
CreateNamedPipeA
CreateIoCompletionPort
GetUserDefaultLangID
lstrcatW
GetLocaleInfoA
ConvertDefaultLocale
VirtualAllocEx
ConnectNamedPipe
GetFileTime
ReadFileEx
SetThreadAffinityMask
HeapReAlloc
FreeEnvironmentStringsA
HeapSummary
WriteFile
EnumSystemLocalesA
EncodePointer
FileTimeToSystemTime
CreateFileMappingA
CreateThread
GetSystemTime
IsBadStringPtrA
GetFirmwareEnvironmentVariableA
PostQueuedCompletionStatus
GetSystemTimes
OpenThread
SleepEx
GetTickCount
SetThreadUILanguage
MapViewOfFileEx
GetFileAttributesExA
MapViewOfFile
GetQueuedCompletionStatus
RtlZeroMemory
WaitForMultipleObjects
ReadFileScatter
IsValidLocale
InitializeCriticalSection
GetEnvironmentVariableA
GetEnvironmentStringsA
WaitForSingleObject
SwitchToThread
GetSystemTimeAsFileTime
lstrcatA
ExitThread
HeapCreate
GetThreadPriority
DisconnectNamedPipe
HeapDestroy
SetFilePointer
lstrcpynW
HeapValidate
FlushViewOfFile
HeapWalk
WaitForSingleObject
ResumeThread
GetCurrentThreadId
EnterCriticalSection
HeapLock
PeekNamedPipe
lstrcmpiA
WaitForSingleObjectEx
WriteFileEx
HeapAlloc
GetUserDefaultLCID
CreateEventA
GetLocalTime
SetEvent
GetSystemDefaultLCID
GetThreadSelectorEntry
RtlFillMemory
GetThreadContext
SetFilePointerEx
ReadFile
lstrcmpA
UnmapViewOfFile
CreateFileA
RegisterWaitForInputIdle
GetStringTypeExA
InterlockedPushEntrySList
LeaveCriticalSection
RtlMoveMemory
FileTimeToDosDateTime
SystemTimeToFileTime
DecodePointer
DosDateTimeToFileTime
SetThreadPriorityBoost

advapi32

RegFlushKey
RegCloseKey
RegQueryValueExW
RegSetValueExW

msvcrt

_exit
time
_adjust_fdiv
rand
_controlfp
exit
_XcptFilter
_initterm
_cexit
__getmainargs
__p__commode
srand

Sections

.text
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fae24da318d27676c3219fb54d7cf69d

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

msvcrt

Sections

.text Size: 254KB - Virtual size: 254KB

.data Size: 135KB - Virtual size: 134KB

.rsrc Size: 9KB - Virtual size: 372KB

.text
Size: 254KB - Virtual size: 254KB

.data
Size: 135KB - Virtual size: 134KB

.rsrc
Size: 9KB - Virtual size: 372KB