fdaa8a1db9e5da61db319678e567e625_JaffaCakes118

General

Target

fdaa8a1db9e5da61db319678e567e625_JaffaCakes118
Size

11KB
MD5

fdaa8a1db9e5da61db319678e567e625
SHA1

b7aaacdc8afada1a33f4a673b7c129642476ce44
SHA256

bb2dc01a2ffd1a09b9968aa6508fe38ac5afb3435dac6537e67f40f23a2a19ac
SHA512

1c4690aee032cbb20504a03fe2b6e0cf86162906c7bdf70363ff3830338c721909240171153011bf4029d20a75acb995b9582c254cb6aeac9c40687a3cacf817
SSDEEP

192:/57iEwMZiChSRZkY5N0oMMFbLoh7oJs8Mp2rRTQLswMn:/5eiERHN0o3bgYbMp2rlQLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdaa8a1db9e5da61db319678e567e625_JaffaCakes118

Files

fdaa8a1db9e5da61db319678e567e625_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ecc59f8d15f3553af3a7c76310c0c3b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
memcmp
memset
_EH_prolog
__CxxFrameHandler
_onexit
__dllonexit
??1type_info@@UAE@XZ

mfc42

ord539
ord800
ord6467
ord1578
ord600
ord826
ord1176
ord1243
ord269

kernel32

LocalAlloc
LocalFree
MultiByteToWideChar
GetProcessHeap
HeapAlloc
CreateThread
GetModuleHandleA
GetLastError

user32

DispatchMessageA
TranslateMessage
GetMessageA
MessageBoxA
SetWindowLongA
ShowWindow
GetWindowLongA
GetClientRect
GetClassInfoExA
LoadCursorA
RegisterClassExA
DestroyWindow
DefWindowProcA

ole32

CoCreateInstance
OleInitialize
CoInitializeEx
OleSetContainedObject
OleRun

oleaut32

SysAllocStringLen
SysFreeString

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 726B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecc59f8d15f3553af3a7c76310c0c3b8

Headers

File Characteristics

Imports

msvcrt

mfc42

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 726B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 726B