1565d91c57629116570d22dc0792bd96_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1565d91c57629116570d22dc0792bd96_JaffaCakes118
Size

147KB
MD5

1565d91c57629116570d22dc0792bd96
SHA1

3945fc733f7b4c362d1f88e24e2704f481c00870
SHA256

da39e5ee6063d055de607fa2d2ffba74d0caad4f83784954b012b8d8530ab926
SHA512

3c363a13eb0c61fc6cbd57ea4216e3c3140edb5a2469a4952c6913467a69d2a15988361ca9436605ccc19fca808ffab180eedccc99ef7c9159410353ad0203ad
SSDEEP

3072:S9nCkh+ZiAogLZ7qa28uixDWlFxVv8vNVl5BvHWNUtBEHaBb+WRY:S5Ckh+QAFtq75SMFxtANJNHWNUtz2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1565d91c57629116570d22dc0792bd96_JaffaCakes118

Files

1565d91c57629116570d22dc0792bd96_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mtxoci

ocan
odescr
odefin
MTxOciRegisterCursor
MTxolog
obndrn
orol
oexn
ocof
oopen
oermsg
MTxOciInit
oopt
oclose
oparse
ocom
oerhms
ofetch
oflng
obindps
Enlist
ofen
osetpi
oexec
oexfet
ogetpi
obndra
ocon
obndrv
olog

msvcrt

__set_app_type
_endthread
__getmainargs
_mbctolower
getc
_get_osfhandle
_Getmonths
fputws
system
vfwprintf
_ismbcpunct
exit
_ismbbpunct
swscanf
_strnicoll
fgetpos
_chgsign
_wcstoi64
_callnewh
wcsspn
_mbsdec
_EH_prolog
fscanf
ceil
towupper
wcspbrk
__p__commode
_seh_longjmp_unwind
_nextafter
longjmp
_wfopen

user32

MessageBoxW
EndDialog

atmlib

ATMFontAvailableA
ATMGetOutline
ATMGetGlyphListA
ATMGetBuildStr
ATMRemoveFontA
ATMClient
ATMGetNtmFieldsA
ATMFontStatusW
ATMSetFlags
ATMAddFontExW
ATMGetPostScriptNameW
ATMEnumMMFontsA
ATMGetVersionExW
ATMEnumFontsA

atl

AtlDevModeW2A
AtlModuleGetClassObject
AtlIPersistStreamInit_Load
AtlModuleRevokeClassObjects
AtlModuleTerm
AtlAxGetHost
AtlModuleAddCreateWndData
AtlHiMetricToPixel
AtlModuleUpdateRegistryFromResourceD
AtlPixelToHiMetric
AtlModuleUnRegisterTypeLib
AtlModuleRegisterWndClassInfoW
AtlAxAttachControl
AtlModuleRegisterClassObjects
AtlUnadvise
AtlAxDialogBoxA
AtlModuleUnregisterServer
AtlAxDialogBoxW
AtlGetVersion
AtlModuleInit
AtlModuleExtractCreateWndData
AtlModuleUnregisterServerEx
AtlIPersistPropertyBag_Load
AtlModuleRegisterWndClassInfoA
AtlGetObjectSourceInterface
AtlWaitWithMessageLoop

kernel32

IsBadReadPtr
GetProcessWorkingSetSize
GetOEMCP
GetProcessTimes
FileTimeToSystemTime
SetEvent
VirtualUnlock
CancelDeviceWakeupRequest
RemoveDirectoryW
LoadLibraryW
CreateFileMappingA
UnmapViewOfFile
DeviceIoControl
BindIoCompletionCallback
GetProfileSectionA
DefineDosDeviceW
SetFileShortNameA
RtlZeroMemory
Heap32ListFirst
GetExitCodeProcess
HeapCreate
GlobalHandle
EnumCalendarInfoA
EnumSystemCodePagesA

msdart

?RemoveTail@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?_TryWriteLock@CReaderWriterLock2@@AAE_NJ@Z
?SetDefaultSpinCount@CSmallSpinLock@@SGXG@Z
MpHeapFree
?SetSpinCount@CSpinLock@@QAE_NG@Z
?_H1@CLKRLinearHashTable@@ABEKK@Z
?GetDefaultSpinAdjustmentFactor@CFakeLock@@SGNXZ
?ReadUnlock@CCritSec@@QAEXXZ
?SetDefaultSpinCount@CSpinLock@@SGXG@Z
?MaxSize@CLKRHashTable@@QBEKXZ

shell32

SHGetMalloc

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2480fa2df410ee9825aa9525dc6b7ebf

Headers

File Characteristics

Imports

mtxoci

msvcrt

user32

atmlib

atl

kernel32

msdart

shell32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 13KB - Virtual size: 81KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 13KB - Virtual size: 81KB

.rsrc
Size: 4KB - Virtual size: 3KB