0b46f6950d9ba2513fd55be1267e64ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b46f6950d9ba2513fd55be1267e64ef_JaffaCakes118
Size

256KB
MD5

0b46f6950d9ba2513fd55be1267e64ef
SHA1

74d135203abac94b0d8028db8b8671b89f59f045
SHA256

ea26370992adf618cfd7513e8a6c6099f96e9b11b8aad35c3f8faff829b34e8c
SHA512

16a0dfc1e05b5d610a3d2672cac53b67e9850c69241baf5dea35d921060186338b1f08b8239dc571c4cee0845190d45d167bbeee5557c8af77ee4cf21951e6cd
SSDEEP

6144:7NK8wYLp+V0kqn0knZlznvuNLOG61zF0G/9D:7N9Li0kq0kfELCN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b46f6950d9ba2513fd55be1267e64ef_JaffaCakes118

Files

0b46f6950d9ba2513fd55be1267e64ef_JaffaCakes118
.exe windows:0 windows x86 arch:x86

c399fd1f3af8087c89dd690ab0fc0c8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
CreateFileMappingW
CreateWaitableTimerW
DeleteCriticalSection
GetProcessWorkingSetSize
EnterCriticalSection
CancelWaitableTimer
InterlockedDecrement
GlobalDeleteAtom
SetWaitableTimer
UnmapViewOfFile
VirtualAlloc
SetProcessShutdownParameters
ResetEvent
GetTickCount
HeapFree
SetPriorityClass
CloseHandle
WaitForSingleObject
GetTickCount
VirtualFree
WaitForMultipleObjectsEx
GetCommandLineW
VerifyVersionInfoW
FlushInstructionCache
OpenProcess
MulDiv
CreateMutexW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
CreateFileW
lstrcpyW

atl

ord16
ord30
ord58
ord44
ord43
ord18
ord17

gdi32

SelectObject
CreateCompatibleBitmap
DeleteObject
GetDeviceCaps
CreateSolidBrush

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemAlloc

msvcrt

?terminate@@YAXXZ
_exit
_wcmdln
wcslen
_c_exit
__setusermatherr
swscanf
_XcptFilter
_controlfp
__dllonexit
_ftol
??3@YAXPAX@Z
wcscpy
__p__commode
_CIpow
fclose
_itow
free
_wfopen
??1type_info@@UAE@XZ
_cexit
wcsstr

advapi32

RegSetValueW
CopySid
GetLengthSid
RegCreateKeyW
SetSecurityDescriptorOwner
GetTokenInformation
RegCloseKey

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInfo
SetupDiOpenDevRegKey

hid

HidD_GetProductString
HidP_GetSpecificButtonCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidP_MaxUsageListLength

user32

GetDoubleClickTime
DestroyWindow
InflateRect
CallWindowProcW
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
WindowFromPoint
SystemParametersInfoW
CloseDesktop
EnumDisplayMonitors
GetPropW
EnumDisplaySettingsW
GetDC
GetMessageW
GetWindowLongW
DefWindowProcW
CreateWindowExW
CharNextW
ClientToScreen
GetUserObjectInformationW
GetThreadDesktop
DrawIconEx
PtInRect
PostThreadMessageW
SetThreadDesktop
SetWindowLongW

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c399fd1f3af8087c89dd690ab0fc0c8c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

atl

gdi32

ole32

msvcrt

advapi32

setupapi

hid

user32

Sections

.text Size: 176KB - Virtual size: 176KB

.data Size: 66KB - Virtual size: 66KB

.rsrc Size: 12KB - Virtual size: 552KB

.text
Size: 176KB - Virtual size: 176KB

.data
Size: 66KB - Virtual size: 66KB

.rsrc
Size: 12KB - Virtual size: 552KB