007e65b7f4b70149a516525243cc9e41_JaffaCakes118

General

Target

007e65b7f4b70149a516525243cc9e41_JaffaCakes118
Size

61KB
MD5

007e65b7f4b70149a516525243cc9e41
SHA1

d7e419d710ce2c23373dd782886f939e91e42ee7
SHA256

d8a510e26f121b91f28da059a0d06c3efbba320912a37d2ee9b541242ba91436
SHA512

f5b7ee7289758d1070aeac64a7420c078c2d03a779cdb23cfbbc368032fdc62225e9a9de0ca079b93b08563e3956379cf4a32f8a35baca773809ef5635f8fc6c
SSDEEP

1536:KnmAIQlFhTnZQxpCyswHmBixd+1nC7H5Te1i+BzbXoEQgH4yh:KnmAIQlFhTaxpCyswHmBixd+1nC7H5Tj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007e65b7f4b70149a516525243cc9e41_JaffaCakes118

Files

007e65b7f4b70149a516525243cc9e41_JaffaCakes118
.dll windows:6 windows x86 arch:x86

7381d985a6391516ded129e38c3262af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

purert

_x_p_nop_check
_x_p_init
_x_p_r_1b
_x_p_r_1b_c
_x_p_r_1b_2
_x_p_r_2b
_x_p_r_2b_c
_x_p_r_2b_2
_x_p_r_4b
_x_p_r_4b_c
_x_p_r_4b_2
_x_p_r_8b
_x_p_r_10b
_x_p_w_1b
_x_p_w_1b_c
_x_p_w_2b
_x_p_w_2b_c
_x_p_w_4b
_x_p_w_4b_c
_x_p_w_8b
_x_p_w_10b
_x_p_r_string
_x_p_w_string
_x_p_c_string
_x_p_r_cmps
_x_p_cmps
_x_p_scas
_x_p_trace_string
_x_p_before_call
_x_p_before_call_and_color
_x_p_after_call
_x_p_module_entry
_x_p_purewraptramp
_x_p_purewraptramp_s
_x_p_wrap_seh
_x_p_wrap_seh8
_x_p_wrap_seh_nested
_x_p_rtpatch
_x_p_rtpatchenter
_x_p_rtpatchexit
_x_p_trampsehxx
_x_p_sp_alloca
_x_p_sp_sub_green
_x_p_sp_add
_x_p_sp_sub
_x_p_sp_change
_x_p_sp_enter
_x_p_sp_before
_x_p_sp_after
_x_p_fn_entry
_x_p_find_acc
_x_p_bb_entry
_x_p_bb_entry_unwind
_x_p_slow_bb_entry
_x_p_fn_reentry
_x_p_wrap_seh_prolog

$p8

LpkDllInitialize

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

.text
Size: 512B - Virtual size: 19B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.PASW
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7381d985a6391516ded129e38c3262af

Headers

DLL Characteristics

File Characteristics

Imports

purert

$p8

Exports

Exports

Sections

.text Size: 512B - Virtual size: 19B

.data Size: - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 1024B - Virtual size: 772B

.PASW Size: 55KB - Virtual size: 54KB

.text
Size: 512B - Virtual size: 19B

.data
Size: - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 1024B - Virtual size: 772B

.PASW
Size: 55KB - Virtual size: 54KB