45d2625eb11437fc830adcf4baff2b81_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45d2625eb11437fc830adcf4baff2b81_JaffaCakes118
Size

143KB
MD5

45d2625eb11437fc830adcf4baff2b81
SHA1

63e828b7191026122c7700a15b4ce4dee069f2f3
SHA256

6de085472dc6f36cf52c3461317026a5d8f2fd551c16ace636dc28be15cf7101
SHA512

c4454b3c175209ae69a4b2c68028dd80ceb6998bdc248fe9f58d04dd7dc613269745c64d326c824e757c16fda8cd7a13dbe94eaf8883ab18de2c90e370ca0591
SSDEEP

3072:11/pbMsdhBH5NOPXUnKFxkgD6AQUFD5/a8:11/9NnCBuAf5/a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45d2625eb11437fc830adcf4baff2b81_JaffaCakes118

Files

45d2625eb11437fc830adcf4baff2b81_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f5870f5c6f04db0136b5f802f321e656

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
ExitThread
GetDriveTypeW
lstrcpyW
GetProcessHeap
VirtualAlloc
GetVersionExA
LocalFileTimeToFileTime
VirtualProtect
SetHandleCount
DeleteFileW
HeapReAlloc
GetProcAddress
GetComputerNameA
SystemTimeToFileTime
WriteFileGather
GetTempPathA
GlobalSize
CreateFileW
VirtualFree
FormatMessageW
GetNumberFormatW
GlobalAlloc
SetErrorMode
WaitForSingleObject
WriteFileEx
DeleteTimerQueueTimer
ReleaseMutex
CreateEventA
OutputDebugStringA
lstrcmpW
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA

msvcrt

memset
malloc
_wcmdln
exit
_onexit
fprintf
strpbrk
_exit
wcstok
_CxxThrowException
_controlfp
wcsrchr
__setusermatherr
_wcsnicmp
memmove

user32

wsprintfA
DrawTextW
IsWindowEnabled
PostMessageW
PostThreadMessageW
DrawEdge
GetProcessWindowStation
GetMessageW
FillRect
IntersectRect
DefDlgProcW
MsgWaitForMultipleObjects
LoadCursorW
CopyRect
UnregisterClassW
SetDlgItemInt
EnableWindow
RegisterWindowMessageW
SendDlgItemMessageW
FrameRect
RegisterClassW
SystemParametersInfoA
CreateDialogParamW
SetWindowTextA
GetSystemMenu

gdi32

RealizePalette
CreatePen
GetObjectA
SetWindowExtEx
StretchBlt
SetTextAlign
SetStretchBltMode
CreateBitmap
CreateRoundRectRgn
DeleteDC
DeleteObject
GetTextExtentPointW
CreateCompatibleDC
SelectPalette
GetRegionData
ExtTextOutW
CreateCompatibleBitmap
MoveToEx
Rectangle
GetTextMetricsW
SelectObject

tapi32

lineGetIDW
lineCompleteCall
tapiRequestMediaCallA
phoneGetLamp
lineAddProviderW
lineSetAgentMeasurementPeriod
MMCInitialize
phoneShutdown

Exports

Exports

FfdYpvvdxuJgkqeuxJfqxQx
DrrOzvb
StquAiehPztqgumUg

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5870f5c6f04db0136b5f802f321e656

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

tapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 36B

.data Size: 51KB - Virtual size: 51KB

.edata Size: 39KB - Virtual size: 38KB

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 142B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 36B

.data
Size: 51KB - Virtual size: 51KB

.edata
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 142B