11e20cf9d82d4311a629af21b79e8941_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11e20cf9d82d4311a629af21b79e8941_JaffaCakes118
Size

105KB
MD5

11e20cf9d82d4311a629af21b79e8941
SHA1

6ee451bd788da71c7af51c7818348ec5e603113f
SHA256

f640e0d55f399f35a986bc942c2498ce6f37465afed7319167989ddc0d71a3c1
SHA512

8b8230aaa834fe9c49aed9375dee10de3c22ce69911c191155c54902f5817e63e24bc83eb257e0107d7c3c6d2e13d515f356ceea87ad79c6d65d2b827b39bedd
SSDEEP

1536:OIljsHeoc9hKmhrpMrMT9KM4sBC8jqcj8oWnqBrvC/w9sGuKLoqXtw1tIBr:jVoqFhru895qcjEnq5j68L5C0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11e20cf9d82d4311a629af21b79e8941_JaffaCakes118

Files

11e20cf9d82d4311a629af21b79e8941_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4493614fc106e53758b317a3cf69ed66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
TlsAlloc
GetTempFileNameA
DeleteCriticalSection
GlobalFree
SetStdHandle
SizeofResource
GetFileAttributesW
SetHandleCount
Sleep
InterlockedDecrement
DeleteFileA
GetCommandLineA
VirtualFree
IsBadWritePtr
Sleep
GetProfileIntA
LeaveCriticalSection
SetPriorityClass
LocalFree
CreateProcessW
LockResource
TlsGetValue
FormatMessageA
FindClose
MultiByteToWideChar
GetLogicalDrives
SetUnhandledExceptionFilter
GetStartupInfoW
SetFileTime
IsBadReadPtr
SetFileAttributesW
HeapAlloc
GetStringTypeA
Beep
GetCommandLineW
GlobalAlloc
SearchPathA
IsBadCodePtr

odbcapi3

_Getcvt
_FNan
_FDtest
_Exp
_Hugeval
_Xbig

user32

InvalidateRect
GetWindowThreadProcessId
TranslateMDISysAccel
CopyRect
GetMenuItemCount
SetRect
IsWindow
CreateCaret
GetCursor
RemoveMenu
GetParent
GetWindowTextA
GetMenu
FrameRect
GetCursorPos
DrawIcon
DefFrameProcA
GetKeyboardLayoutList
DestroyIcon
RegisterClassExW
CallWindowProcA
GetMessageTime
ShowCursor
OffsetRect
GetNextDlgTabItem
ChangeDisplaySettingsExA
TranslateMessage
DrawMenuBar
GetFocus
CreateMenu
KillTimer
SetActiveWindow
ShowCaret
RedrawWindow
LoadImageA
SetCaretPos
DefMDIChildProcW
MessageBeep
SetCapture
EndPaint

ntdll

ZwSetEvent
RtlCancelTimer
RtlCompareMemory
NtQueryInformationFile
NtQueryValueKey
NtProtectVirtualMemory
ZwCreateTimer

gdi32

GetOutlineTextMetricsA
GetViewportOrgEx
SaveDC
PlayMetaFileRecord
CreatePatternBrush
SetWindowOrgEx
GetRasterizerCaps
GetNearestColor
GetFontData
GetTextFaceA
SetBkColor
GetPixel
GetWinMetaFileBits
DeleteObject
SelectObject
Ellipse
GetBitmapBits
GetTextAlign
Escape
SetMapMode
BitBlt
SetWindowExtEx
GetSystemPaletteUse
LPtoDP

ole32

OleDuplicateData
OleRegEnumVerbs
OleIsCurrentClipboard
OleQueryLinkFromData
WriteClassStm
OleCreateMenuDescriptor
StringFromGUID2
CoIsOle1Class
StgOpenStorageOnILockBytes
CoGetMalloc
CreateGenericComposite
OleCreateEmbeddingHelper

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 211KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4493614fc106e53758b317a3cf69ed66

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

odbcapi3

user32

ntdll

gdi32

ole32

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 211KB - Virtual size: 212KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 211KB - Virtual size: 212KB