ff9b9aa58bf0f8b6104d1183be41a398_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff9b9aa58bf0f8b6104d1183be41a398_JaffaCakes118
Size

258KB
MD5

ff9b9aa58bf0f8b6104d1183be41a398
SHA1

110c1d98ce3968d45f6269695689bc543bf8a9cd
SHA256

c14f84e4f1831bb2909a23a64c844a8c542be3bb205c75e6e1022bad6449e03d
SHA512

302900097c6883d6f3a81aaa0b50029e4c0328ebc7cc42d3786a487a144c244c77e540ad239418da22c5047e5b2100d8d3936a94347ed8d12e4edce090509ffe
SSDEEP

6144:AYaJZQjKIywoBFVXN2BxRHnJOr9LJXuWlbINz+taHms:haJZ+1yrHVXgxpngxlFIV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff9b9aa58bf0f8b6104d1183be41a398_JaffaCakes118

Files

ff9b9aa58bf0f8b6104d1183be41a398_JaffaCakes118
.exe windows:5 windows x86 arch:x86

17b0e8d5aeae61b8a3b821810250bce5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
GetProfileStringA
lstrlenW
QueryPerformanceCounter
lstrcmpiA
GlobalSize
LCMapStringW
GetCurrentThreadId
GetCPInfo
CompareFileTime
lstrcatA
VirtualFree
GlobalAlloc
GetCurrentDirectoryW
IsValidCodePage
GetUserDefaultLCID
GetStringTypeA
SetPriorityClass
GetProcAddress
HeapAlloc
FreeLibrary
SetEvent
GetTimeZoneInformation
InterlockedDecrement
Sleep
lstrcmpA
InitializeCriticalSection
SetUnhandledExceptionFilter
lstrlenA
FileTimeToSystemTime
TerminateProcess

advapi32

RegOpenKeyA
RegOpenKeyExA
RegCloseKey

ole32

StgCreateDocfileOnILockBytes
CoTreatAsClass
OleCreateLink
OleUninitialize
OleRegEnumFormatEtc
CLSIDFromProgID
WriteClassStm

linklbui

_Toupper
_Getcvt
_FSinh
_Stold
_Strxfrm

user32

GetClassNameA
RegisterClassExW
ChildWindowFromPoint
SendMessageW
PostMessageW
GetWindowTextLengthA
InvalidateRgn
GetKeyboardLayoutList
ScrollDC
ValidateRect
EnumChildWindows
TranslateMessage
RegisterClipboardFormatA
RegisterClassW
CopyRect
CharToOemBuffA
WindowFromPoint
ClientToScreen
IsWindowEnabled
BringWindowToTop
SetRectEmpty
LoadImageA
CallWindowProcW
GetParent

gdi32

SelectPalette
GetEnhMetaFileA
OffsetWindowOrgEx
EnumMetaFile
GetStockObject
StartDocA
GetTextColor
GetPixel
GetNearestColor
GetClipBox
GetTextCharsetInfo
CreateCompatibleBitmap
CombineRgn
CreatePatternBrush
PatBlt
GetDeviceCaps
ExtSelectClipRgn
GetSystemPaletteEntries
OffsetRgn
SelectObject
GetWinMetaFileBits
SetViewportOrgEx
GetObjectType
GetMetaFileBitsEx
CreateDIBPatternBrushPt
SetMapMode
GetEnhMetaFileHeader
StretchBlt

ntdll

NtProtectVirtualMemory
ZwSetEvent
RtlFreeUnicodeString
NtReadFile
ZwCreateTimer
ZwQueryInformationProcess

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17b0e8d5aeae61b8a3b821810250bce5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

linklbui

user32

gdi32

ntdll

Sections

.text Size: 158KB - Virtual size: 158KB

.data Size: 48KB - Virtual size: 47KB

.rsrc Size: 51KB - Virtual size: 52KB

.text
Size: 158KB - Virtual size: 158KB

.data
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 51KB - Virtual size: 52KB