fc721fc58b17243c313c04bbbd63172a_JaffaCakes118

General

Target

fc721fc58b17243c313c04bbbd63172a_JaffaCakes118
Size

10KB
MD5

fc721fc58b17243c313c04bbbd63172a
SHA1

0d364d50bedf2ac97a6885609e35cda6d93c7ee7
SHA256

519c88f9b105d483579e324db03948e127cc2efc1f464fade28e541fe4ddb656
SHA512

d9d46507ab920ecfbc10cf2eba976805bbe1600dff55207b7796cadbed6ac04be879292341b382bcb355c746e2acf5f4a65925ea3d501e16227ec001516843df
SSDEEP

192:NQGcGa+p2z4gfU+4SvIPRrIc5LZDzu3HaSPq2WQW:aGDp2gk6LZ+36YzWQW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc721fc58b17243c313c04bbbd63172a_JaffaCakes118

Files

fc721fc58b17243c313c04bbbd63172a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

92e426cd377efbf32cce730971d8e843

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateMailslotA
EnumTimeFormatsW
EraseTape
ExitProcess
GetDriveTypeA
GetFullPathNameA
GetOverlappedResult
GetStringTypeW
GetWriteWatch
GlobalDeleteAtom
GlobalMemoryStatus
HeapFree
LocalCompact
OpenMutexA
Process32Next
ReadConsoleInputW
SetConsoleCursorPosition
SetProcessAffinityMask
lstrcmpA
lstrlenA

user32

AppendMenuA
BeginDeferWindowPos
CloseClipboard
DrawAnimatedRects
EnableWindow
EndMenu
EnumClipboardFormats
GetCursorPos
GetDesktopWindow
GetMessageW
GetWindowTextW
IMPQueryIMEW
InSendMessage
InSendMessageEx
InsertMenuItemW
LoadStringA
RegisterClassW
SendDlgItemMessageW
SetDebugErrorLevel
SetMessageExtraInfo
ToAscii
VkKeyScanA

gdi32

AbortDoc
CreateDIBPatternBrush
CreateDIBitmap
CreateRoundRectRgn
DPtoLP
EnumFontFamiliesExA
ExtCreatePen
ExtEscape
FillPath
FlattenPath
GetBitmapBits
GetCharWidthA
GetDIBColorTable
GetKerningPairsW
GetLogColorSpaceA
GetMetaRgn
GetNearestColor
GetRasterizerCaps
GetTextExtentPoint32W
GetTextExtentPointA
InvertRgn
PtVisible
RectInRegion
ResetDCA
SetArcDirection
SetBkMode
SetWindowOrgEx
StartDocW
StrokeAndFillPath
UpdateICMRegKeyA

Exports

Exports

ConnectionHiddenAdd
ConnectionHiddenRemove
DisallowedAdd
DisallowedRemove
Exec
InjectorAdd
InjectorRemove
ProcessKill
ProcessList
ProcessTrustedAdd
ProcessTrustedRemove
RegistryHiddenAdd
RegistryHiddenRemove
Update

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92e426cd377efbf32cce730971d8e843

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 7KB - Virtual size: 16KB

.idata Size: - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 8KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 16KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 8KB