00b07f49340859270e43d428fd2d7caa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00b07f49340859270e43d428fd2d7caa_JaffaCakes118
Size

416KB
MD5

00b07f49340859270e43d428fd2d7caa
SHA1

681ac08995d28d6f11a5601b0064590d448eb30b
SHA256

cf1cd6f71d7ec8a1c8a8cef15f67b1f7b51949acc8809a7905b71238b314b50b
SHA512

a7ebd39e64ae24907dac8877b641a237574caee9e97a3903c9636b41afee117429b9401b53bfa179b26b594724738023259b7c383e0117fbe7947e6220536600
SSDEEP

6144:ovKq+Ww2pCD/lcUWKRGiMA9pBW6TjO3w6T4fV+vMiEhHuiKKuDlcjJ/d+ntVe4:W1w2pUlvWvLbYsqFv9uDlcjKr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00b07f49340859270e43d428fd2d7caa_JaffaCakes118

Files

00b07f49340859270e43d428fd2d7caa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dba0a86efaee463117715392def45ec2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetWindowsHookExA
MessageBoxA
UnhookWindowsHookEx
ChangeDisplaySettingsA
GetForegroundWindow
GetWindowTextA
GetMenu
SetWindowTextA
GetWindowLongA
ShowCursor
AdjustWindowRectEx
SetWindowPos
SendMessageA
CallNextHookEx
SetWindowLongA
CallWindowProcA
ShowWindow
KillTimer

kernel32

GetEnvironmentStringsW
GetModuleHandleA
InterlockedDecrement
GetStringTypeW
InterlockedIncrement
LCMapStringW
LCMapStringA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetStringTypeA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar

Exports

Exports

About

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARD_DA
Size: 4KB - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dba0a86efaee463117715392def45ec2

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

SHARD_DA Size: 4KB - Virtual size: 28B

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 368KB - Virtual size: 368KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

SHARD_DA
Size: 4KB - Virtual size: 28B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 368KB - Virtual size: 368KB