274d980e17c2420d27d64b0bc9ef9551_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

274d980e17c2420d27d64b0bc9ef9551_JaffaCakes118
Size

123KB
MD5

274d980e17c2420d27d64b0bc9ef9551
SHA1

85e9da18871e7b81e20f19a8271d8f8d421525b1
SHA256

a1ec2c572ebfa6a940af4f8d5bb83bbefef6e42f5318b383a76029049d27d2d1
SHA512

353bd8666c25c512759d65ab2a124217aeea866efa4092ce87f24c17aedc0e7457a1fb907c9f6e458bddb3b9c33fac1e1cf568ebf78051ca5d1cc61feada4310
SSDEEP

3072:dos0WGT076cLG5AVxoJnvwtAEY73QUEhh:doCm02cy5ALopL/Ghh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
274d980e17c2420d27d64b0bc9ef9551_JaffaCakes118

Files

274d980e17c2420d27d64b0bc9ef9551_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d4db53171bcf89f5ffa104d1bdf52f1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
ExitThread
GetDriveTypeW
lstrcpyW
GetProcessHeap
VirtualAlloc
GetVersionExA
LocalFileTimeToFileTime
VirtualProtect
SetHandleCount
DeleteFileW
HeapReAlloc
GetProcAddress
GetComputerNameA
SystemTimeToFileTime
WritePrivateProfileSectionA
GetTempPathA
GlobalSize
CreateFileW
VirtualFree
FormatMessageW
GetNumberFormatW
GlobalAlloc
SetErrorMode
WaitForSingleObject
WritePrivateProfileSectionW
DeleteTimerQueueTimer
ReleaseMutex
CreateEventA
OutputDebugStringA
lstrcmpW
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA

msvcrt

memset
malloc
_wcmdln
exit
_onexit
fprintf
strpbrk
_exit
wcstok
_CxxThrowException
_controlfp
wcsrchr
__setusermatherr
_wcsnicmp
memmove

user32

wsprintfA
DrawTextW
IsWindowEnabled
PostMessageW
PostThreadMessageW
DrawEdge
GetProcessWindowStation
GetMessageW
FillRect
IntersectRect
DefDlgProcW
MsgWaitForMultipleObjects
LoadCursorW
CopyRect
UnregisterClassW
SetDlgItemInt
EnableWindow
RegisterWindowMessageW
SendDlgItemMessageW
FrameRect
RegisterClassW
SystemParametersInfoA
CreateDialogParamW
SetWindowTextA
GetSystemMenu

gdi32

RealizePalette
CreatePen
GetObjectA
SetWindowExtEx
StretchBlt
SetTextAlign
SetStretchBltMode
CreateBitmap
CreateRoundRectRgn
DeleteDC
DeleteObject
GetTextExtentPointW
CreateCompatibleDC
SelectPalette
GetRegionData
ExtTextOutW
CreateCompatibleBitmap
MoveToEx
Rectangle
GetTextMetricsW
SelectObject

tapi32

lineGetIDW
lineCompleteCall
tapiRequestMediaCallA
phoneGetLamp
lineAddProviderW
lineSetAgentMeasurementPeriod
MMCInitialize
phoneShutdown

Exports

Exports

FfdYpvvdxuJgkqeuxJfqxQx
DrrOzvb
StquAiehPztqgumUg

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4db53171bcf89f5ffa104d1bdf52f1d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

tapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 36B

.data Size: 51KB - Virtual size: 51KB

.edata Size: 39KB - Virtual size: 38KB

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 142B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 36B

.data
Size: 51KB - Virtual size: 51KB

.edata
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 142B