54717ad838e68c798e49a262e8cc8d69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

54717ad838e68c798e49a262e8cc8d69_JaffaCakes118
Size

44KB
MD5

54717ad838e68c798e49a262e8cc8d69
SHA1

5ace3c0d97c2180c5f63bf08fed16d246e3c1b28
SHA256

ef46a859702a1ede78cc95482d00fb6cfdaa67c591214fcefc3f0259c07e7e79
SHA512

90dc9d5580ef78590dbb0a2e2735e04efad3c4124f68447213f489a3ef914354ccf39739855936cbd8c7aba7e80f7a8b4c707e61b591eae278e7845e3588ce3a
SSDEEP

768:MOAtOcaOFdxVnpKbY4OyjmITZD0NRVlq+9+ajw8zCFnk3m5w13G8:MychxFpKbYFyjTTZwHlqhqzC23ww13G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54717ad838e68c798e49a262e8cc8d69_JaffaCakes118

Files

54717ad838e68c798e49a262e8cc8d69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed5db559c358de81643de4bc0f71d583

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

ReleaseStgMedium
CoSetProxyBlanket
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree

ntmsapi

EjectDiskFromSADriveW

gdi32

CreateHatchBrush
GetBkColor
ExtTextOutW
DeleteObject

kernel32

lstrcmpW
lstrcpyW
GetModuleHandleA
OutputDebugStringA
lstrcpynW
EnterCriticalSection
GlobalFree
IsBadReadPtr
LeaveCriticalSection
FreeLibrary
GetWindowsDirectoryW
SetUnhandledExceptionFilter
GetLastError
CloseHandle
InterlockedExchange
GetModuleHandleW
SetEvent
GetCurrentThreadId
TerminateProcess
SetLastError
VirtualAlloc
lstrlenW
GetProcAddress
GetComputerNameW
GetFileAttributesW
ResumeThread
LoadLibraryExW
InitializeCriticalSection
LocalAlloc
HeapAlloc
GetProcessHeap
GlobalAlloc
LocalFree
WaitForSingleObject
CreateEventW
GetCurrentProcess
GetCurrentProcessId
GetTickCount
GlobalUnlock
LoadLibraryW
GetSystemTimeAsFileTime
DeleteCriticalSection
UnhandledExceptionFilter
LoadLibraryA
GetVersion
GlobalLock
Sleep
QueryPerformanceCounter

user32

LoadStringW
UnhookWindowsHookEx
RegisterClipboardFormatW
CreatePopupMenu
GetDesktopWindow
WinHelpW
GetParent
DestroyIcon
SetTimer
AppendMenuW
FillRect
SendMessageW
LoadBitmapW
SetWindowsHookExW
InvalidateRect
GetWindowLongW
DrawFocusRect
LoadIconW
CallNextHookEx
KillTimer
CopyRect
GetSysColor
PostMessageW
EnableWindow
RedrawWindow
SetWindowLongW
PostThreadMessageW

dmutil

ShowMessage

activeds

FreeADsMem

msvcrt

exit
_beep
iswdigit
__dllonexit
wcsncpy
swprintf
wcslen
_onexit
swscanf
_adjust_fdiv
free
wcscmp
_chdir
malloc
wcsstr
wcsrchr
_beginthread
wcstoul
__CxxFrameHandler
setlocale
_wtol

shell32

ShellExecuteExW

avifil32

AVIFileInfo

Sections

.textbss
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ed5db559c358de81643de4bc0f71d583

Headers

File Characteristics

Imports

ole32

ntmsapi

gdi32

kernel32

user32

dmutil

activeds

msvcrt

shell32

avifil32

Sections

.textbss Size: - Virtual size: 240KB

.idata Size: 3KB - Virtual size: 3KB

.text Size: 512B - Virtual size: 500B

.rsrc Size: 39KB - Virtual size: 112KB

.textbss
Size: - Virtual size: 240KB

.idata
Size: 3KB - Virtual size: 3KB

.text
Size: 512B - Virtual size: 500B

.rsrc
Size: 39KB - Virtual size: 112KB