298d69ae70e1838bbf7643e91a123810_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

298d69ae70e1838bbf7643e91a123810_JaffaCakes118
Size

364KB
MD5

298d69ae70e1838bbf7643e91a123810
SHA1

1bd58094bb664b10445d08125f97966e658c5114
SHA256

e774c9b9f141028683bbcf86200698ab33cf29d7adc73e6e345ccd9977d3ccb6
SHA512

d9c6bb30769ea256e23137ed6d64b9a0b76d1e91f22533a6b467d91ce201e26f33ba530cab17eae300cc182644adf6deb1b47a14c69fd133d591429e147f5fa2
SSDEEP

6144:jIRp6pKW6P8cG6p7fk+QGifBdzPV64KzegDuAOD1GWha:jap6f6JG6pIE4fzPV64KegUUWha

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
298d69ae70e1838bbf7643e91a123810_JaffaCakes118

Files

298d69ae70e1838bbf7643e91a123810_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27b67ebc23a2fd0d27fc5e78b5bf4614

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
WriteConsoleW
HeapSize
FlushFileBuffers
HeapReAlloc
IsProcessorFeaturePresent
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
LCMapStringW
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
CreateSemaphoreA
GetFileType
SetHandleCount
GetEnvironmentStringsW
WaitForSingleObject
GetModuleFileNameA
RaiseException
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
WriteFile
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
CreateThread
CloseHandle
GetVersionExA
OutputDebugStringA
WaitForMultipleObjects
LoadLibraryA
GlobalFree
GetProcAddress
QueryPerformanceCounter
ReleaseSemaphore
GetOEMCP
GetACP
HeapCreate
Sleep
DeleteCriticalSection
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
GetCPInfo
EncodePointer
DecodePointer
ExitProcess
FreeLibrary
GetCurrentProcess
HeapAlloc
FreeEnvironmentStringsW
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
GetLastError

user32

FindWindowA
DialogBoxParamA
UpdateWindow
SetCaretPos
UnregisterHotKey
LoadCursorA
IsWindow
CreateCaret
AppendMenuA
GetSystemMenu
GetWindowRect
PostQuitMessage
LoadStringA
GetParent
LoadIconA
GetWindowInfo
WindowFromPoint
GetClientRect
ShowCaret
GetDC
GetWindowTextA
GetWindowLongA
SetClassLongA
EndDialog
GetSysColor
GetCursorPos
LoadAcceleratorsA

gdi32

GdiFlush
GetCurrentPositionEx
GetTextMetricsA

winspool.drv

ClosePrinter

gdiplus

GdipCreatePen1
GdipDrawLineI
GdipCloneImage
GdipFree
GdipDeletePen
GdipDeleteGraphics
GdipDrawImageRectI
GdipLoadImageFromFile
GdipAlloc
GdipDisposeImage
GdipCreateFromHDC

opengl32

glVertex3f
glEnd
glNormal3f
glClear
glBegin

Sections

.text
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27b67ebc23a2fd0d27fc5e78b5bf4614

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

gdiplus

opengl32

Sections

.text Size: 283KB - Virtual size: 282KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 6KB - Virtual size: 19KB

.bss Size: 17KB - Virtual size: 17KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 283KB - Virtual size: 282KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 6KB - Virtual size: 19KB

.bss
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 6KB - Virtual size: 6KB