256f235f92e15a0ee570b72c99bb3461_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

256f235f92e15a0ee570b72c99bb3461_JaffaCakes118
Size

108KB
MD5

256f235f92e15a0ee570b72c99bb3461
SHA1

0846ad5c8b10199ba27c1f3861a844d16917a85c
SHA256

a60bcefb211c33042afb4d86dc49d23df51dbb6ec6de009fc8c7c0d37e9b6275
SHA512

5c55f37ca248c095bcbbd5e8e4521e1389250e43df000f366489f7c522b8d01ed443f9b3b6da60ab8a356e73efb8a9c786dae9dae4722c7c586ce9194a80e296
SSDEEP

1536:/VvcacImqjlKbIKiy/RVoVblD1TUtkxmkRjWx4o5o0rRKFGT3lf8MsRGRYgnZr:/zXmyW3JiXUtURjWxZiFGTQRGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
256f235f92e15a0ee570b72c99bb3461_JaffaCakes118

Files

256f235f92e15a0ee570b72c99bb3461_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f5ce732e4a4370ac8dc9b659218b9242

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
FindResourceW
GetModuleFileNameW
InterlockedExchange
lstrcatW
FileTimeToSystemTime
lstrcmpW
GetWindowsDirectoryW
LoadLibraryW
GetSystemDirectoryW
GetProcAddress
LocalFree
WideCharToMultiByte
lstrcpynW
lstrcpyW
SetLastError
SizeofResource
HeapFree
HeapSize
IsDBCSLeadByte
FormatMessageW
HeapReAlloc
_lread
OpenFile
_lclose
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LocalAlloc
LockResource
GetProcessHeap
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GlobalFree
GetCommandLineA
HeapAlloc
GlobalAlloc

user32

SendDlgItemMessageW
SetDlgItemInt
GetDlgItem
InvalidateRect
GetDialogBaseUnits
GetSysColor
GetWindowLongW
SetDlgItemTextW
GetDlgItemTextW
EndDialog
CharNextW
SendMessageW
WinHelpW
TranslateMessage
MsgWaitForMultipleObjects
DefWindowProcW
CreateWindowExW
LoadBitmapW
CharNextA
LoadStringW
IsCharAlphaW
wsprintfW
DispatchMessageW
PostMessageW
GetParent
SetWindowLongW
EnableWindow
MessageBoxIndirectW
PeekMessageW

advapi32

RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
RegDeleteValueW
RegOpenKeyExW

gdi32

DeleteObject
LineTo
MoveToEx
SetBkColor
GetTextMetricsW
GetStockObject
CreatePen
SelectObject
ExtTextOutW

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

msvcr71

_amsg_exit
_CxxThrowException
free
vfprintf
fprintf
_XcptFilter
memset
_onexit
memcpy
wcstok
_wtoi
_itow
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
__dllonexit
_except_handler3

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5ce732e4a4370ac8dc9b659218b9242

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 34KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 34KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB