28cd13176396c172f3a1ed95251b0010_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28cd13176396c172f3a1ed95251b0010_JaffaCakes118
Size

294KB
MD5

28cd13176396c172f3a1ed95251b0010
SHA1

ef921fdba6475da39446a8d2aea01bae03643890
SHA256

3eed981202ffafe3d46873fbfbe9747e636af314a9ad7c640eaf60d0e2be02d9
SHA512

443813e40e82b75b385548cc4c7dc454cd75fc6fbc18e9f2aa94ca8b35f7821353eef2f6cac54274f2b311533e3cbcf259c73d8480c099613e9824698523296c
SSDEEP

6144:m1UohThR+IlrWi3YDAO0ph7KRvn3/7QdorbmHsM+rMlw0sVY:m1Uoh1sCWi3C67mzQWrjM+gGY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28cd13176396c172f3a1ed95251b0010_JaffaCakes118

Files

28cd13176396c172f3a1ed95251b0010_JaffaCakes118
.exe windows:5 windows x86 arch:x86

48e1fe6792212462835d7dd2d6dc095d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
HeapCreate
GetLastError
LocalAlloc
GetThreadTimes
LocalFree
IsProcessorFeaturePresent
HeapReAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapSize
GetProcessTimes
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
EnterCriticalSection
GetCurrentThread
GetModuleHandleW
GetCurrentProcess
HeapAlloc
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
RtlUnwind
GlobalMemoryStatus
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
SetUnhandledExceptionFilter
GetProcAddress
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount

user32

RegisterClassA
GetClipboardOwner
TrackPopupMenu
IsClipboardFormatAvailable
LoadMenuA
GetClientRect
SetFocus
InsertMenuItemW
GetQueueStatus
GetCapture
GetForegroundWindow
EnableMenuItem
GetDlgItem
SetWindowLongW
GetCursorPos
LoadStringW
ShowWindow
CreatePopupMenu
IsWindow
CreateWindowExW
SendMessageW
EnableWindow

ole32

CoTaskMemFree
CoCreateInstance

comctl32

ord410

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48e1fe6792212462835d7dd2d6dc095d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

comctl32

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 188KB - Virtual size: 235KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 188KB - Virtual size: 235KB

.rsrc
Size: 18KB - Virtual size: 17KB