fa445b426f8a0b27199f7d1adf69cf33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa445b426f8a0b27199f7d1adf69cf33_JaffaCakes118
Size

93KB
MD5

fa445b426f8a0b27199f7d1adf69cf33
SHA1

8fb6fb74ce9f726b55da6ef286a537ea3a02fd7e
SHA256

3f1414c1fb32f235d02272a1402f23bff4d39646321c24952a63b354ad0dadad
SHA512

4c12bfb6d798e7e86dc5c7b42a8d04888ed39862f0fec1b36156980a2105a77f5b381549e260fcccf53ab1fabd936ae832eec23a754ef1ac0f9de14d9ed70dbe
SSDEEP

1536:XhkTLJU7+RHXocQpDRlzJIJ+zQ1esxLRcmRBKMTDH6wxO145MjpIP7RW:XKTLXRHXocQpDfNIJKIBRReMTDHO145V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa445b426f8a0b27199f7d1adf69cf33_JaffaCakes118

Files

fa445b426f8a0b27199f7d1adf69cf33_JaffaCakes118
.dll windows:5 windows x86 arch:x86

063378b3ec722b38e76f1349a2eeac59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

getc
fclose
fseek
putchar
_unlink
fwrite
srand
rand
fread
fopen
fflush
fputc

comctl32

FlatSB_GetScrollProp
UninitializeFlatSB
ord410
ord411
InitCommonControlsEx
FlatSB_EnableScrollBar
InitializeFlatSB

imagehlp

SymSetSearchPath
BindImage
ImageRvaToVa
FindFileInPath
SymInitialize
ImageRvaToSection
SymCleanup
ImageNtHeader
ImageAddCertificate

kernel32

GetProcAddress
FreeLibrary
InterlockedExchange
LoadLibraryA
InterlockedExchangeAdd
LocalAlloc
GetCommConfig
GetOverlappedResult
GetLastError
GetLongPathNameW
GetCommMask
GetShortPathNameW
GetCurrentProcess
GetModuleHandleW
VirtualProtectEx
GetFileTime
CloseHandle
SystemTimeToFileTime
HeapFree
IsBadCodePtr
HeapCreate
FileTimeToSystemTime
RaiseException
GetModuleHandleA

user32

SwitchToThisWindow
GetKeyNameTextW
TranslateAcceleratorA
ReleaseDC
SetCursorPos
UnionRect
SetRect
GetMenuItemRect
DrawStateA
ShowCursor
TranslateMessage
DrawFocusRect
GetDC
BeginPaint
MenuItemFromPoint
DrawIcon
DrawTextA
TrackPopupMenu
GetMessageA
SetCursor
EndPaint
MessageBoxExA

gdi32

BitBlt
GetTextMetricsW
DeleteDC
StretchBlt
DPtoLP
GetPixel
GetGlyphOutlineW
UpdateColors
RestoreDC
GetClipRgn
GetClipBox
CopyMetaFileA
SetBkMode
DeleteObject
CreateCompatibleDC

Exports

Exports

_AppendList@8
_DeleteItem@12
_ResetList@8
_UpdateItem@12

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

063378b3ec722b38e76f1349a2eeac59

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

comctl32

imagehlp

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 408B

.rsrc Size: 79KB - Virtual size: 79KB

.reloc Size: 1024B - Virtual size: 640B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 408B

.rsrc
Size: 79KB - Virtual size: 79KB

.reloc
Size: 1024B - Virtual size: 640B