0daf27144657b272d491ae3ac66eef8c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0daf27144657b272d491ae3ac66eef8c_JaffaCakes118
Size

152KB
MD5

0daf27144657b272d491ae3ac66eef8c
SHA1

d720cd60f795dfffe05de7a6e20ca7b81db348d2
SHA256

998e3fc9e299169673b7343471b28e784978ef6c6a61b4c80c1aa1e6a9d18828
SHA512

29b78251ee1f8fc6ad2c97ef1df9b992fea9cceb025f2d19fbeff9be3e5df3c14de4e81b07f4ad563d80d5a83a9f88d3e09c63807b7dda373fd34532daf6e8b1
SSDEEP

3072:vbjWU0yYLroT3Tfgm6Atkh0eL8ZCwfInHgYXqc2mrMvqFh3oXbYc:vPWUeYxdCjwAnz/n3o0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0daf27144657b272d491ae3ac66eef8c_JaffaCakes118

Files

0daf27144657b272d491ae3ac66eef8c_JaffaCakes118
.exe windows:6 windows x86 arch:x86

258d6caade141a8687cebf0216849b16

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

j-FA_r-CMDEMWPK0oo+MtNPiV3.pdb

Imports

gdi32

GetWindowOrgEx
GetCharWidthW
GetStockObject
GetClipBox
Chord
ExtCreatePen
GetLayout

oleaut32

LoadTypeLibEx
VarCyFromR8
VarCyCmp

user32

PhysicalToLogicalPoint
DrawTextExA
MessageBeep
GetTitleBarInfo
DialogBoxParamA
GetKeyboardType
GetInputState
WindowFromPoint
DrawMenuBar
GetKeyNameTextA
GetGuiResources
GetScrollBarInfo
GetDlgItemTextA
GetKeyState

msvcrt

fread
system
vfprintf

winspool.drv

GetPrinterDataExW

shell32

ExtractIconExW

advapi32

LookupPrivilegeDisplayNameA
LogonUserW

kernel32

WriteProfileStringA
GetProcessId
CloseHandle
GetVersion
GetSystemTimeAsFileTime
GetCommandLineW
GetLargePageMinimum
GetLastError
DosDateTimeToFileTime
SetCommMask
OpenFile
LockFileEx
DebugBreak
GetConsoleTitleA
GlobalDeleteAtom
GetStringTypeA
VirtualAllocEx
GetTempPathA
GetProcessVersion
GetConsoleCursorInfo

secur32

EnumerateSecurityPackagesW

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

258d6caade141a8687cebf0216849b16

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

oleaut32

user32

msvcrt

winspool.drv

shell32

advapi32

kernel32

secur32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 120KB - Virtual size: 118KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1016B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 120KB - Virtual size: 118KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1016B

.reloc
Size: 4KB - Virtual size: 1KB