14e1a93feeedcc39c6ee6fd7c83e73cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14e1a93feeedcc39c6ee6fd7c83e73cf_JaffaCakes118
Size

41KB
MD5

14e1a93feeedcc39c6ee6fd7c83e73cf
SHA1

2bdde44b23772572964d94521822d491118684ba
SHA256

3ff51b5bc7b95296389e812247ef771e3cb0f4575c25045a6eaced5234ee539c
SHA512

0120923d4f45af1e5fcd1b1669d37b2706403df0f3daf3099039909b1aa8b8caf054993d9e1f48b324e1b99d9e3e1c211222ddfcdad588908c0a728ae144c4a3
SSDEEP

384:tzYcjcOdD5EMoAf9X371GW0dvbPC8/pa24/A9VyW1JYTVt07oTeH4B3JVPNyzdU3:ecjcOdD5JfjadjPC4oSWZVIp6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e1a93feeedcc39c6ee6fd7c83e73cf_JaffaCakes118

Files

14e1a93feeedcc39c6ee6fd7c83e73cf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3f26c5ca954ea2688c47a04801fa8598

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comdlg32

GetSaveFileNameA

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
Rectangle
SelectObject
SetBkColor
SetROP2
SetTextColor

kernel32

CopyFileA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentDirectoryA
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_errno
_iob
_winmajor
abort
calloc
fclose
fflush
fopen
fprintf
free
fwrite
malloc
memcpy
memset
printf
sprintf
strcpy
strlen
vfprintf

user32

BeginPaint
CreateWindowExA
DefWindowProcA
DrawTextA
EnableWindow
EndPaint
FillRect
FrameRect
GetClientRect
GetDC
GetWindowRect
InvalidateRect
LoadCursorA
LoadIconA
MessageBoxA
RegisterClassA
ReleaseCapture
ReleaseDC
SetCapture
SetRect
ShowWindow
UnregisterClassA
UpdateWindow

Exports

Exports

WndProc_Plugin@16
create_memDC
cur_sel
defui
draw
g_flag_sel
gen_list
info
lb_flag
manager
mode
plugin_ui
pmca_plugin
pmode

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 323B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f26c5ca954ea2688c47a04801fa8598

Headers

File Characteristics

Imports

comdlg32

gdi32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 8B

.rdata Size: 1024B - Virtual size: 788B

.eh_fram Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 21KB

.edata Size: 512B - Virtual size: 323B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 1004B

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 8B

.rdata
Size: 1024B - Virtual size: 788B

.eh_fram
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 21KB

.edata
Size: 512B - Virtual size: 323B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 1004B