142189d89c654a9496725134a8b01ded_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

142189d89c654a9496725134a8b01ded_JaffaCakes118
Size

116KB
MD5

142189d89c654a9496725134a8b01ded
SHA1

72e88aa8ec97baceaf0e36c45066e3c604592b4f
SHA256

1553c465e34606ef451c8e3a80579deee46f6fec2c1ce44befa7267508fa5787
SHA512

1be22e500d54670550d194468a836593ebd4211462760ddb807099e6e361e87586067ab7f9a026ff2ecf447ae760421d605e8949a2a889a3963ec4a5e9202cc7
SSDEEP

1536:CEP894bSD/7DKHvBGnwfUV53MTBrzNsEgeMkPD6q0XDdMOUBWRaas4V:yGGgsn/V53MTBrGTe/fIdxU4aaV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
142189d89c654a9496725134a8b01ded_JaffaCakes118

Files

142189d89c654a9496725134a8b01ded_JaffaCakes118
.dll windows:4 windows x86 arch:x86

981485aad6d38aa705ebb72a53bebb7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
FreeLibrary
DisableThreadLibraryCalls
GetVersionExA
GetFileAttributesW
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetLocaleInfoW
GetGeoInfoW
GetTickCount
GetUserDefaultLCID
GetUserGeoID
LocalFree
LocalAlloc
GetUserDefaultLangID
HeapFree
FormatMessageW
lstrcmpW
GetProcessHeap
HeapAlloc
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
CloseHandle
GetLastError
GetCommandLineA
GlobalFree
VirtualProtect
GetSystemDefaultLCID
GlobalAlloc

user32

PostMessageW
GetParent
GetWindowLongW
SetWindowLongW
GetDlgItem
LoadStringW
SetDlgItemTextW
IsWindowVisible
SendMessageW
GetDlgItemTextW
LoadIconW
DestroyIcon
EnableWindow
SetFocus
MessageBoxW
CheckDlgButton
SendDlgItemMessageW
SetCursor
LoadCursorW
CharLowerBuffW
KillTimer
ShowWindow
IsDlgButtonChecked

advapi32

RegOpenKeyExW
DuplicateTokenEx
GetTokenInformation
RevertToSelf
RegCloseKey
RegCreateKeyExW
SetThreadToken

gdi32

GetObjectType
GetCurrentObject
DeleteDC
GetDeviceCaps
GetObjectA

ole32

CreateBindCtx
OleUninitialize
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoInitializeEx

msvcr71

_except_handler3
_adjust_fdiv
_amsg_exit
_XcptFilter
_onexit
malloc
free
_wcsicmp
memset
_initterm
memcpy
_vsnwprintf
__CppXcptFilter
__dllonexit

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

981485aad6d38aa705ebb72a53bebb7b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 34KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 34KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 3KB