fd9c3edbd148d1c8bbda9c6e4a6f36c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd9c3edbd148d1c8bbda9c6e4a6f36c5_JaffaCakes118
Size

235KB
MD5

fd9c3edbd148d1c8bbda9c6e4a6f36c5
SHA1

0e98549f70c3e446b2aca808c8a6d3a28891780e
SHA256

f010c696cbf7103eee51abfff11aadeae623f6587e4e0ca40f6332da5edbe76c
SHA512

cef87f265143b8d8d275871241f2c29532aff39653da4ffa92ecd99a2c83873ed1dfaa4a77c89c2d30952bb791332b08e60dfeb5f4bf9dae4a9e0534a03d8cae
SSDEEP

6144:RUM+g6hrsAk0/lEx6UO2U9lrUslMIyEctGAYznle2wYXiFD:RR+g6hAAk0/lExRUYtI2GVk0i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd9c3edbd148d1c8bbda9c6e4a6f36c5_JaffaCakes118

Files

fd9c3edbd148d1c8bbda9c6e4a6f36c5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6467f903c6ca8dc99c6d3363c0a1d4f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueA
VerFindFileA

gdi32

GetDCOrgEx

user32

GetWindow
IsDialogMessageW
DrawAnimatedRects
MsgWaitForMultipleObjects
EmptyClipboard
SetRect
GetMenuItemCount
GetScrollInfo
GetKeyboardLayoutList
ReleaseDC
RegisterClassA
WindowFromPoint
IsWindowUnicode
EnableWindow
LoadBitmapA
DrawIcon
LoadKeyboardLayoutA
WaitMessage
GetWindowPlacement
InvalidateRect
CharLowerA
IsWindowEnabled
GetMessagePos
DestroyMenu
GetFocus

kernel32

GetCommandLineW
LoadLibraryA
IsBadReadPtr
GetLastError
GetModuleHandleW
SetEndOfFile
GetModuleHandleA
GetCommandLineA
VirtualAllocEx
GetProcAddress
lstrlenA
lstrlenW
ExitProcess
ExitThread
lstrcpynA

comdlg32

GetOpenFileNameA
FindTextA
GetSaveFileNameA
ChooseColorA

oleaut32

SysAllocStringLen
OleLoadPicture
RegisterTypeLib
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayCreate
SysStringLen
SafeArrayGetUBound
VariantChangeType

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 169KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 1024B - Virtual size: 878B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6467f903c6ca8dc99c6d3363c0a1d4f7

Headers

File Characteristics

Imports

version

gdi32

user32

kernel32

comdlg32

oleaut32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 169KB - Virtual size: 316KB

.data Size: 9KB - Virtual size: 8KB

BSS Size: 1024B - Virtual size: 878B

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 1024B - Virtual size: 744B

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 169KB - Virtual size: 316KB

.data
Size: 9KB - Virtual size: 8KB

BSS
Size: 1024B - Virtual size: 878B

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 1024B - Virtual size: 744B