fff6b172d80154c93ecb61a00f17c26b_JaffaCakes118

General

Target

fff6b172d80154c93ecb61a00f17c26b_JaffaCakes118
Size

148KB
MD5

fff6b172d80154c93ecb61a00f17c26b
SHA1

37cbaf9dfb6b5e1da9aa86f7687b3c51d31f2442
SHA256

cdcb4acee9f2fdc2468c56f7786bfa642a3fe122ba0ce812d94a7defa353bf1d
SHA512

97d97c8d4be103c74bd5837cd7e6cd130ee1d1af0ae2d31f51b95c4a8200cecc328e1c2335e750db516b11af9f425e00f356cef767eef92ee7283716c114a4b0
SSDEEP

3072:SLjeGZhA5qdE3rVtbYDA4R5M1EX/+MSkBXKl6IF8rIEtrwMMKj+ktcepV1J:S/FZhZE3rTM0qGMpwl6x1j+ktcE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fff6b172d80154c93ecb61a00f17c26b_JaffaCakes118

Files

fff6b172d80154c93ecb61a00f17c26b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ea0535253babaa69bc164de61dd3152b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

chtbpapi

_Xbig
_LSnan
_Getctype
_LDscale
_LEps
_FXbig
_Strxfrm
_LNan
_FDtest
_FSnan

msvcrt

free
realloc
_purecall
__set_app_type
_amsg_exit
exit
wcsrchr
_stricmp

kernel32

LocalAlloc
GetCommandLineW
InterlockedDecrement
GetVersionExW
VirtualAlloc
GetVolumeNameForVolumeMountPointW
GetCurrentProcessId
GetQueuedCompletionStatus
HeapFree
FlushInstructionCache
GetUserDefaultUILanguage
CompareStringW
SleepEx
GetModuleHandleA
ExitProcess
InterlockedIncrement
VirtualAllocEx
CloseHandle
GetPriorityClass

user32

GetMenuItemID
TranslateAcceleratorW
InvalidateRgn
IsMenu
SetCursor
LoadAcceleratorsW
OpenClipboard
CreateWindowExW
SetWindowTextW
ScreenToClient
MonitorFromPoint
DialogBoxParamW
GetMenuItemInfoW
LoadStringW
DestroyAcceleratorTable
SetDlgItemTextW
UnregisterClassA
FillRect
CallWindowProcW
DefWindowProcW
GetCapture
GetClassInfoExW
DestroyMenu
SendMessageA
BeginPaint
EnableMenuItem
SetForegroundWindow
ClientToScreen
CreateDialogParamW
GetCursorPos
CreateDialogIndirectParamW

ntdll

ZwOpenSemaphore
NtOpenFile
NtOpenMutant
NtOpenEventPair

gdi32

SelectObject
EnumFontFamiliesExW
CreateBitmap

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea0535253babaa69bc164de61dd3152b

Headers

DLL Characteristics

File Characteristics

Imports

chtbpapi

msvcrt

kernel32

user32

ntdll

gdi32

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 35KB - Virtual size: 34KB

.rsrc Size: 95KB - Virtual size: 96KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 35KB - Virtual size: 34KB

.rsrc
Size: 95KB - Virtual size: 96KB