fad9a80024332efb7f5609b61c00ff56_JaffaCakes118

General

Target

fad9a80024332efb7f5609b61c00ff56_JaffaCakes118
Size

174KB
MD5

fad9a80024332efb7f5609b61c00ff56
SHA1

31e2caada015dcbb888dd351f06474d7177437a1
SHA256

e746832c45b60f90fefd8738d0d9540df167674fbf101dd9b974b966cde62457
SHA512

80599d1cebe327d7cb6bab1ce88dec2b0a35310b48e1d2784cb1685eec2456602fd7a965b5194e5499345a63d237dc252013bf3b877e5079860e6874b7fb8acb
SSDEEP

3072:2a6pmM3xy6bpgy4Zyv7q6RYZZeyqfEkQGUSQyYLWwA5pyAQ/NxgSiD9s8FlI6:wy62y4ZI7qoYXizQGUhfK5pVQ/M52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fad9a80024332efb7f5609b61c00ff56_JaffaCakes118

Files

fad9a80024332efb7f5609b61c00ff56_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3449e72623e5cbdb538d6aff0f58e1fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LockWindowUpdate
DestroyWindow
PtInRect
DrawTextExW
InvalidateRect
FrameRect
CreateDialogIndirectParamW
GetDlgCtrlID
GetWindowRect
SetWindowPos
MoveWindow
DrawFrameControl
GetWindowThreadProcessId
PostMessageW
LockSetForegroundWindow
LoadIconW
GetMenuItemCount
SetFocus
GetWindow
IsWindowUnicode
SetWindowsHookExW

ntdll

NtOpenMutant
NtOpenTimer
NtOpenSemaphore
NtMapViewOfSection
NtOpenEventPair
NtClearEvent

msvcrt

_XcptFilter
_wtoi64
iswspace
wcstoul
wcsstr
memset
_lock
wcstol
_onexit

gdi32

GetObjectA
GetStockObject

avtacplc

_Nan
_LEps
_LCosh
_Dtest
_LRteps
_LNan
_LExp
_Stof

kernel32

HeapFree
LoadLibraryW
GetProcessHeap
InterlockedIncrement
GetPriorityClass
SleepEx
GetLocaleInfoW
FindFirstFileW
SetErrorMode
LoadLibraryExW
GetVersion
VirtualAllocEx
CloseHandle
GetVolumeNameForVolumeMountPointW
InterlockedDecrement
LeaveCriticalSection
FindFirstVolumeW
GetCurrentThreadId
DeleteFileW
CreateThread
ExitProcess
UnhandledExceptionFilter
HeapReAlloc
SetLastError
GetShortPathNameW
GlobalUnlock
TerminateProcess
VirtualAlloc

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3449e72623e5cbdb538d6aff0f58e1fd

Headers

DLL Characteristics

File Characteristics

Imports

user32

ntdll

msvcrt

gdi32

avtacplc

kernel32

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 37KB - Virtual size: 37KB

.rsrc Size: 114KB - Virtual size: 116KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 37KB - Virtual size: 37KB

.rsrc
Size: 114KB - Virtual size: 116KB