ff084c6295f14a791558fa222d06aa87_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff084c6295f14a791558fa222d06aa87_JaffaCakes118
Size

80KB
MD5

ff084c6295f14a791558fa222d06aa87
SHA1

909f4023fd66cfc852796f5c65ace95486f07ccf
SHA256

437bd7de518530a4ab37944ef02946663e483d8c533df13a8c78e835893955d6
SHA512

4c2c4e52bff098d30002da7ebd2e88a07150040ffcc64ec4660236bab27e5436f16be6b2189a94ad444740d933c837838054467b76f75d9efae8440ccc41d153
SSDEEP

1536:V14GzrTw45qLtN55/mzFq1HVXXhfQjbHzX6wenipW4z1XL1FQ:H4GzIsgtNT/m5q1HdhgzenikE7nQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff084c6295f14a791558fa222d06aa87_JaffaCakes118

Files

ff084c6295f14a791558fa222d06aa87_JaffaCakes118
.exe windows:5 windows x86 arch:x86

192e6716ae70b41b355ff86aeb6630d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
lstrcmpiW
QueryPerformanceCounter
UnhandledExceptionFilter
lstrcmpiW
LocalAlloc
LeaveCriticalSection
HeapAlloc
InterlockedExchange
LoadLibraryW
GetCurrentProcessId
LoadLibraryA
ReadFile
CreateEventW
LocalAlloc
GetModuleHandleW
GetModuleFileNameA
HeapFree
CloseHandle
VirtualProtect
VirtualProtect
VirtualProtect
LoadLibraryW
VirtualAlloc
lstrlenA
HeapDestroy
LoadLibraryW
GetVersionExA
GetSystemTimeAsFileTime
HeapFree
DisableThreadLibraryCalls
HeapAlloc
GetCurrentProcess
DisableThreadLibraryCalls
CreateEventW
GetCurrentThreadId
InterlockedIncrement
GetCurrentThreadId
FreeLibrary
Sleep
GetTickCount
lstrcmpiW
CreateThread
CreateFileW
QueryPerformanceCounter
LoadLibraryA
GetCurrentThreadId
LocalAlloc
InterlockedDecrement
LoadLibraryA
DisableThreadLibraryCalls
EnterCriticalSection
EnterCriticalSection
VirtualProtect
GetSystemTimeAsFileTime
DeleteCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
VirtualAlloc
DeleteCriticalSection
GetLastError
Sleep
VirtualProtect
lstrcmpiW

user32

GetFocus
SetDlgItemTextW
ShowWindow
GetSysColor
CharNextW
GetClientRect
PeekMessageW
SetTimer
ReleaseDC
ReleaseDC
SetWindowTextW
ShowWindow
TranslateMessage
SetCursor
SetWindowTextW
BeginPaint
GetSystemMetrics
PostMessageW
BeginPaint
EnableWindow
EnableWindow
DispatchMessageW
DefWindowProcW
TranslateMessage
GetFocus
EndDialog
SetDlgItemTextW
SetForegroundWindow
GetSystemMetrics
SetWindowLongW
GetWindowLongW
IsWindow
BeginPaint
GetFocus
GetWindowLongW
wsprintfA
LoadIconW
GetParent
GetDlgItem
IsDlgButtonChecked
SetForegroundWindow
EnableWindow
GetClientRect
wsprintfA
DefWindowProcW
IsWindow
GetParent
DispatchMessageW
TranslateMessage
TranslateMessage
ShowWindow
EndDialog
SetWindowTextW
EnableWindow
CreateWindowExW
CharNextW
BeginPaint
MessageBoxW
LoadCursorW
SendMessageW

Sections

.text
Size: 65KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

192e6716ae70b41b355ff86aeb6630d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 65KB - Virtual size: 80KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 65KB - Virtual size: 80KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB