f8e4401dff213d69435c8a4c95a5deea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f8e4401dff213d69435c8a4c95a5deea_JaffaCakes118
Size

369KB
MD5

f8e4401dff213d69435c8a4c95a5deea
SHA1

ac46f81e1385154221a02174c2a284eb858cf48b
SHA256

ceba6ad4b778705c6fc2a4a968b93c5da232a3c545cf0e62bacc624c7f674b5c
SHA512

6c815cd96e88749c1753187d3c433388e6086fb653f7b8c827e7d371426dba4b3667419651417589ebc9e72b40e85c9d58608ed65c1abe756c316ed83cfa7156
SSDEEP

6144:3v3+5MVSBtJ/M7Ikc3TFarEwxhJyyQaAt6REgdfSVzQtYMhNufkF8UWYXMrj2L:/0OSR01P47wdt9YMhaAXMryL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8e4401dff213d69435c8a4c95a5deea_JaffaCakes118

Files

f8e4401dff213d69435c8a4c95a5deea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

177061826f0bac4baefbafc6e2e4f049

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

isspace
_cexit
_local_unwind2
_mbslen
_onexit
__CxxFrameHandler
_wcsdup
localtime
fwrite
time
_wfopen
_wcmdln
wcslen
_wcsicmp
fread
wcspbrk
wcschr
_wcsupr
_initterm
exit
_wcsrev
fflush
mktime
free
wcsrchr
calloc

gdi32

DeleteObject
PatBlt
CreateRectRgn
SelectObject

ole32

CoTaskMemFree
CLSIDFromString

shell32

SHGetMalloc

ntdll

NtSetQuotaInformationFile
wcstoul
_aulldvrm
wcscspn
NtQueryQuotaInformationFile
towupper

kernel32

DeleteCriticalSection
GetExitCodeThread
GetVersion
GetLastError
SetFilePointer
LockFile
SystemTimeToFileTime
FileTimeToLocalFileTime
FreeLibrary
LoadLibraryA
ReleaseMutex
HeapQueryInformation
FindClose
SetEndOfFile
VirtualAlloc
DeviceIoControl
CloseHandle
VerSetConditionMask
WaitForSingleObject
QueryPerformanceCounter
OpenMutexA
GetModuleHandleA
CreateMutexA
GetCurrentProcessId
LeaveCriticalSection
FlushFileBuffers
SetLastError
LockResource
HeapFree
LocalFileTimeToFileTime
GetProcessHeap

netapi32

NetWkstaGetInfo
NetApiBufferSize

comctl32

ImageList_AddMasked
ImageList_ReplaceIcon

advapi32

InitializeAcl
GetTokenInformation
FreeSid
AddAccessAllowedAce
OpenProcessToken
RegOpenKeyExA

user32

TranslateMessage
SendMessageA
GetDesktopWindow
GetMessageA
DeleteMenu
SetActiveWindow
DestroyWindow
MapDialogRect
ShowWindow
GetMenu
GetIconInfo
InvalidateRect
GetFocus
UpdateWindow
RegisterClassExA
GetActiveWindow
CreateWindowExA
CreateIconIndirect
DispatchMessageA
CallNextHookEx
DefWindowProcA
ChildWindowFromPoint
ReleaseDC
LockSetForegroundWindow
SetWindowPos
ScreenToClient
GetKeyState
DrawFocusRect
WindowFromPoint

syssetup

AsrFreeContext

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 182KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

177061826f0bac4baefbafc6e2e4f049

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

gdi32

ole32

shell32

ntdll

kernel32

netapi32

comctl32

advapi32

user32

syssetup

Sections

.text Size: 185KB - Virtual size: 185KB

.data Size: 182KB - Virtual size: 184KB

.text
Size: 185KB - Virtual size: 185KB

.data
Size: 182KB - Virtual size: 184KB