3b3ab9f8783c89ccaa6a8b48cf4c05a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b3ab9f8783c89ccaa6a8b48cf4c05a0_JaffaCakes118
Size

47KB
MD5

3b3ab9f8783c89ccaa6a8b48cf4c05a0
SHA1

bfa8c7544c75457be4e1814d870b6059357b904e
SHA256

92dd36a3cc5f7445750b201b005250ffdbf9e6f78efee0dc7a01df2bd9ecb65d
SHA512

6a8ea7ffaced9af43290cf48b7fdd407f6d237d42d37c22cc3c320ae715f902722675301912ff632362696ef34565352a41ede160e6cfa0dfcfabe564549ecfd
SSDEEP

768:lnfAznL+pyWr8DtUwGejNT7tBKKrX3zrXRToNEmz2o:lnfAznagZ9pNHrX3zbNoNEs2o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b3ab9f8783c89ccaa6a8b48cf4c05a0_JaffaCakes118

Files

3b3ab9f8783c89ccaa6a8b48cf4c05a0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d986045fa2b6e3ea6bec6fede5033406

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoFreeLibrary
OleCreateLinkFromData
GetClassFile
OleSetContainedObject
CoIsHandlerConnected
CoReleaseMarshalData
HACCEL_UserFree
CoReleaseServerProcess
GetErrorInfo
CoSetCancelObject
CoRegisterSurrogateEx
StgOpenAsyncDocfileOnIFillLockBytes
StgSetTimes
CLIPFORMAT_UserSize
CLSIDFromString
StgConvertPropertyToVariant
UtConvertDvtd32toDvtd16
CreateFileMoniker
CoReactivateObject
CoTestCancel
CoGetObject
CoGetDefaultContext
OleCreateLinkEx
CoGetCallerTID
CoGetInstanceFromIStorage
HDC_UserMarshal
CoGetObjectContext
UtConvertDvtd16toDvtd32
CreateBindCtx
CoSetProxyBlanket
StgOpenStorage
ReadStringStream
CoGetContextToken
CreateStreamOnHGlobal
CoInitializeWOW

gdi32

MaskBlt
GetBitmapDimensionEx
StrokeAndFillPath
CopyEnhMetaFileA
GetCharWidthW
SetAbortProc
DdEntry22
EngUnicodeToMultiByteN
DdEntry30
GetEUDCTimeStampExW
GetRegionData
DdEntry10
GdiEndPageEMF
SetWindowOrgEx
GetViewportOrgEx
Escape
cGetTTFFromFOT
SetBrushAttributes
DdEntry18
DdEntry31

duser

GetGadgetSize
IsInsideContext
PeekMessageExA
DUserSendEvent
DUserCastHandle
UnregisterGadgetProperty
DUserGetAlphaPRID
WaitMessageEx
ForwardGadgetMessage
DUserRegisterSuper
RegisterGadgetMessage
GetGadget
DUserGetRectPRID
GetStdColorPenF
DUserInstanceOf

kernel32

GetWindowsDirectoryA
FormatMessageW
FatalAppExitW
EnumSystemLocalesA
EnumUILanguagesW
CallNamedPipeA
GetMailslotInfo
SetFileAttributesW
GlobalAddAtomA
SetEnvironmentVariableA
InitializeCriticalSection
EnumResourceTypesA
RtlMoveMemory
BuildCommDCBW
GetProcessHeaps
TlsGetValue
ClearCommBreak
VirtualAlloc
CallNamedPipeW
LoadLibraryA
HeapLock
IsValidCodePage

asycfilt

FilterCreateInstance

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d986045fa2b6e3ea6bec6fede5033406

Headers

DLL Characteristics

File Characteristics

Imports

ole32

gdi32

duser

kernel32

asycfilt

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 56KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 56KB

.rsrc
Size: 1KB - Virtual size: 1KB