5343e9daab173adf141594f87c7386d3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5343e9daab173adf141594f87c7386d3_JaffaCakes118
Size

121KB
MD5

5343e9daab173adf141594f87c7386d3
SHA1

f3da31512354ed42a6cdee2a47ab84436a1f0d03
SHA256

c5ef2ec3a60f9b52d66329c152cffc1829739584c536a2a5ebe25363e686ae5e
SHA512

706d109e733d1c09fe54de5f2d4d9e661cb1fb67043d214d11a196ec349ad29a5d5b45643b939a201f0984725ff0a29817e00359cbe9d220e7ced21051241519
SSDEEP

3072:T8IMG4PAxV9yOCKcrPwIBLjsxUqWwEd3ze:T8IMG4PHKwwIxQ/j+3z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5343e9daab173adf141594f87c7386d3_JaffaCakes118

Files

5343e9daab173adf141594f87c7386d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

066dbe4483a415f2e7c30f65218660c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
CloseHandle
TerminateThread
GlobalReAlloc
GetProcAddress
HeapFree
GetFileType
CreateDirectoryA
LoadLibraryW
GetProcAddress
SetUnhandledExceptionFilter
GetLastError
CreateNamedPipeA
GetTimeFormatW
FindNextFileW
GetCurrentThreadId
GetSystemInfo
CreateDirectoryW
SetFilePointer
ExitProcess
GetWindowsDirectoryW
LoadLibraryA
GetSystemDirectoryA
QueryPerformanceCounter
IsBadWritePtr
WriteConsoleW
lstrcatA
GetModuleHandleA
GetCurrentThread
OutputDebugStringA
GlobalAlloc

tapi32

lineOpenW
lineDevSpecificFeature
lineSetupConference
lineAddToConference

msvcrt

atol
strncpy
_wtoi
__p__commode
_vsnprintf
atoi
_wcsnicmp
towupper
_acmdln
memset
memcpy
wcsncpy
isspace
__wgetmainargs
_iob
wcsncmp

user32

PostQuitMessage
ShowWindow
DeleteMenu
LoadCursorW
RegisterMessagePumpHook
DialogBoxParamW
SystemParametersInfoW
LoadMenuA
DispatchMessageA
LoadAcceleratorsW
RemoveMenu
MsgWaitForMultipleObjects
OpenClipboard
ReleaseDC
InvalidateRect
LoadStringW
SetScrollPos
SetCapture
GetDlgItem
GetKeyState
GetMenuItemCount
GetWindowPlacement
GetAsyncKeyState

gdi32

GetDeviceCaps
SetMapMode
CreatePen
CreateCompatibleDC
SelectObject
DeleteDC
SetPixel
SelectPalette
PatBlt
BitBlt
SaveDC
SetBkColor
CreateSolidBrush
CreateFontIndirectA
SetTextColor

Exports

Exports

UdErywUkbklyAfe
LhKesc
YvicpOcg
QsmnsxKtniMwuaduq
KfjgzfPu

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ttvv
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

066dbe4483a415f2e7c30f65218660c9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

tapi32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 30KB - Virtual size: 29KB

ttvv Size: 512B - Virtual size: 277B

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 30KB - Virtual size: 29KB

ttvv
Size: 512B - Virtual size: 277B

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 512B - Virtual size: 40B