19c49981af7be583770a5fb3fb973a2b_JaffaCakes118

General

Target

19c49981af7be583770a5fb3fb973a2b_JaffaCakes118
Size

154KB
MD5

19c49981af7be583770a5fb3fb973a2b
SHA1

35e3dca7125ad869796f37a5cec5f985822ec410
SHA256

37a8d56991f039ba4214c563064cce2bcb06ddfa2a39fa8c779365f49c193689
SHA512

6a9d4ce5bec27e70d408fad09bd0016345a9234101f516d5a78dccf3e6b650f72e15ff59fceec76d4bc0211641b2cca338f2d0b8f49efd6718cb5fbd5f319680
SSDEEP

3072:7YOkuLQV62CUR0ABgpgCMjTg0I8/ECSeip2PM:ZkeERpgxETg/9xbgE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19c49981af7be583770a5fb3fb973a2b_JaffaCakes118

Files

19c49981af7be583770a5fb3fb973a2b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8468a05399af4900057635b75f712c59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError

kernel32

GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
GetConsoleHardwareState
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetExitCodeProcess
FindFirstFileW
CopyFileW
FindNextFileW
SetFileAttributesW
MoveFileW
FindClose
SetLastError
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW
CreateThread
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
ResetEvent
SetEvent
GetFileAttributesExW
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
CloseHandle
WaitForSingleObject
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime
TerminateProcess
DeleteFileW
RemoveDirectoryW
SetEnvironmentVariableW
DisableThreadLibraryCalls
DebugBreak
InitializeCriticalSectionAndSpinCount

oleaut32

DispInvoke
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Exports

Exports

AlphaBlend

Sections

.text
Size: 97KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8468a05399af4900057635b75f712c59

Headers

File Characteristics

Imports

comdlg32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 97KB - Virtual size: 116KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 53KB - Virtual size: 53KB

.reloc Size: 512B - Virtual size: 330B

.text
Size: 97KB - Virtual size: 116KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 53KB - Virtual size: 53KB

.reloc
Size: 512B - Virtual size: 330B