052366ea44057a8adc3f0ed498eba848_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

052366ea44057a8adc3f0ed498eba848_JaffaCakes118
Size

336KB
MD5

052366ea44057a8adc3f0ed498eba848
SHA1

145834f9be7afa3122353415f228b88a08d1d47c
SHA256

8793082f13349cbc535b411deadee840b4aebc4918872d8cdaca06335638dc98
SHA512

746aec051f59ef4948c63ee3cf02bda1c511be4e444f03d1379c404d09839e5c8151f021a310fb508d02df9c9cab2954642ecb6d341324548b70dddfa9b25969
SSDEEP

6144:n4AcRqxpLCHTarl0T7dhAK6/vgr2v05XpTYM7DykG3gNfKk:4AcRqxAHWrl09/ivtI7DQZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
052366ea44057a8adc3f0ed498eba848_JaffaCakes118

Files

052366ea44057a8adc3f0ed498eba848_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8c4c078dc1c523eec5326d6aa1e87e2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
LCMapStringW
RtlUnwind
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GlobalFree
GetCurrentProcess
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
WriteFile
MultiByteToWideChar
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
CreateConsoleScreenBuffer
GetStdHandle
GlobalUnlock
HeapCreate
WriteConsoleOutputA
SizeofResource
Sleep
LoadLibraryW
GlobalAlloc
ReadConsoleOutputA
GlobalLock
GetTickCount
SetConsoleActiveScreenBuffer
GetACP
EnterCriticalSection
HeapAlloc
LoadResource
QueryPerformanceCounter
FindResourceA
FlushFileBuffers
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
SetLastError
EncodePointer
DecodePointer
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
IsProcessorFeaturePresent
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

CheckMenuItem
LoadCursorA
FindWindowA
EndPaint
CloseClipboard
PostQuitMessage
FillRect
GetMenuItemID
DeleteMenu
GetParent
LoadIconA
GetClipboardFormatNameA
CreateMenu
SetFocus
SendMessageA
EnumClipboardFormats
BeginPaint
GetDC
GetCapture
GetForegroundWindow
SetRect
InvalidateRect
CreateWindowExA
ReleaseDC
DefWindowProcA
ShowWindow
AppendMenuA
GetMenuItemCount
OpenClipboard
IsWindowVisible
CountClipboardFormats
UpdateWindow

gdi32

LineTo
SetTextColor
GetDeviceCaps
GdiFlush
SetBkMode
DeleteObject
SelectObject
CreatePen
GetTextMetricsA
CreateSolidBrush
TextOutA
MoveToEx

winspool.drv

ClosePrinter

ole32

CreateStreamOnHGlobal

opengl32

glVertex3f
glBegin
glNormal3f
glEnd
glClear

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c4c078dc1c523eec5326d6aa1e87e2c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

ole32

opengl32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 193KB - Virtual size: 235KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 193KB - Virtual size: 235KB

.rsrc
Size: 17KB - Virtual size: 16KB