1422421d1249e4ab413a2d89f6eae0dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1422421d1249e4ab413a2d89f6eae0dc_JaffaCakes118
Size

413KB
MD5

1422421d1249e4ab413a2d89f6eae0dc
SHA1

09161617ef6640b91572689258b8d4388afccbe3
SHA256

0ed6a59d628fa1eff74ec1f6d6f66db2a8212d26b349eba7c3285fe43e0e32ac
SHA512

8b38e91fc598d9e1295ec6fcdd70366f8fe4aa596252112420796f2d6d34d7b92bba572c47c8625f0f0e761d2c79795cc8ca5abef9a40ecdb31b61d092d56283
SSDEEP

12288:ySwBL9ZzEbE7Zs2+Pfxl8USHHQ0uoM67N5mkrsKWDLy+RTp:yS0BZzeKZspPfxlSnQD02KWXy+RT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1422421d1249e4ab413a2d89f6eae0dc_JaffaCakes118

Files

1422421d1249e4ab413a2d89f6eae0dc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4fb53bd0a457ddd463fc5adb63147e64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

PatBlt
SetDIBits
GetObjectW
SetDIBColorTable
SetDIBitsToDevice
SelectObject
SetStretchBltMode
DeleteObject
SetMapMode
CreateSolidBrush
GetNearestPaletteIndex
GetCurrentObject
GetNearestColor
StretchDIBits
SelectPalette

ws2help

WahCloseThread

ntdll

NtAllocateVirtualMemory

ole32

ReleaseStgMedium

msvcrt

_except_handler3
free
fprintf
exit
_purecall
__CxxFrameHandler
_snprintf
_iob
realloc
sscanf
_adjust_fdiv
_setjmp3
_initterm
getenv
malloc
longjmp

user32

UnionRect

kernel32

QueryPerformanceCounter
TerminateProcess
GetCurrentThreadId
Beep
UnhandledExceptionFilter
GetLastError
GlobalDeleteAtom
GlobalAddAtomA
InterlockedIncrement
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcessId
GetTickCount
LeaveCriticalSection
lstrlenA
InterlockedDecrement
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount

wininet

InternetCrackUrlW

advapi32

QueryServiceStatus
RegSetValueExW

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4fb53bd0a457ddd463fc5adb63147e64

Headers

File Characteristics

Imports

gdi32

ws2help

ntdll

ole32

msvcrt

user32

kernel32

wininet

advapi32

Sections

.text Size: 43KB - Virtual size: 43KB

.reloc Size: 512B - Virtual size: 28B

.rsrc Size: 28KB - Virtual size: 28KB

.data Size: 69KB - Virtual size: 920KB

.rdata Size: 270KB - Virtual size: 270KB

.text
Size: 43KB - Virtual size: 43KB

.reloc
Size: 512B - Virtual size: 28B

.rsrc
Size: 28KB - Virtual size: 28KB

.data
Size: 69KB - Virtual size: 920KB

.rdata
Size: 270KB - Virtual size: 270KB