f54eecb3a3ec86d5198d22cb75e116a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f54eecb3a3ec86d5198d22cb75e116a6_JaffaCakes118
Size

23KB
MD5

f54eecb3a3ec86d5198d22cb75e116a6
SHA1

3cdb20ece3574d78e2b164539d50a8ca33e1d761
SHA256

088348ddb023dfa7e3a14194520b6317d104af5b55bcce82bd01c447a0b21616
SHA512

e666834faa54c6b7d9f519189c2c8570523110adef663da6da62909d2b5c00df122dc123c22d46cfd8500dde28be513da929d55be2d7abd1f07faf58c02e4e43
SSDEEP

384:Ksc+QrkI4vDaT3pXxj7z1kIiA1+hCnJ7dDcFoUso9pJhwiNnINLPsJcp/:kkZrI3Nxz1kIiAAwJRDDs9pLogcp/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f54eecb3a3ec86d5198d22cb75e116a6_JaffaCakes118

Files

f54eecb3a3ec86d5198d22cb75e116a6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2440c0b290e9bda28a4aca8277a5a2f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
FreeLibrary
CreateEventW
GetProcAddress
CloseHandle
CloseHandle
InterlockedExchange
SetLastError
QueryPerformanceCounter
InterlockedExchange
LeaveCriticalSection
QueryPerformanceCounter
LoadLibraryW
VirtualAlloc
lstrcmpiW
CreateEventW
DeleteCriticalSection
SetLastError
InterlockedCompareExchange
GetLastError
InterlockedIncrement
InitializeCriticalSection
GetModuleFileNameW
FreeLibrary
InterlockedExchange
GetModuleHandleW
VirtualAlloc
DeleteCriticalSection
GetCurrentThreadId
EnterCriticalSection
lstrlenA
GetModuleFileNameA
GetTickCount
GetVersionExA
CreateFileW
VirtualAlloc
GetModuleFileNameW
LeaveCriticalSection
LeaveCriticalSection
GetModuleFileNameW
MultiByteToWideChar
HeapAlloc
QueryPerformanceCounter
InterlockedDecrement
CloseHandle
InitializeCriticalSection
VirtualAlloc
HeapDestroy
GetProcAddress
GetCurrentThreadId
VirtualAlloc
GetCurrentProcess
Sleep
lstrcmpiW

user32

LoadCursorW
SetTimer
GetDlgItem
BeginPaint
GetDC
SetWindowLongW
GetClientRect
LoadIconW
EnableWindow
SetTimer
TranslateMessage
GetSysColor
SendDlgItemMessageW
PostQuitMessage
SetCursor
SendDlgItemMessageW
SetTimer
GetDC
PostQuitMessage
IsWindow
GetWindowRect
DefWindowProcW
DispatchMessageW
LoadStringW
InvalidateRect
GetSysColor
BeginPaint
GetSysColor
ReleaseDC
GetWindowRect
SetForegroundWindow
BeginPaint
PostQuitMessage
SetCursor
wsprintfA
GetClientRect
CharNextW
SetFocus
TranslateMessage
KillTimer
GetWindowLongW
SetCursor
InvalidateRect
BeginPaint
LoadIconW
LoadStringW
MessageBoxW
SetWindowPos
LoadIconW
BeginPaint
IsDlgButtonChecked
DefWindowProcW
ShowWindow
InvalidateRect
DialogBoxParamW

Sections

.text
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2440c0b290e9bda28a4aca8277a5a2f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 18KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB