23ae741f16fcd43d8dbaf3d19abf100b_JaffaCakes118

General

Target

23ae741f16fcd43d8dbaf3d19abf100b_JaffaCakes118
Size

64KB
MD5

23ae741f16fcd43d8dbaf3d19abf100b
SHA1

2db1baed8996f962d2c192cb7ac4c8f7afdfe697
SHA256

903221219bd2969786674bec9a22d4b65c13448ccf5667e2bb8bb4568592e3cf
SHA512

ba3be2ef49297e37013af9b9a1960bf335c3621f42255faf7ea47101f93375a609d070b374050474778def4d7d1627ed4192ae8193190c7d7aa109bacd9b61fe
SSDEEP

1536:4qtbvJfNXIpOD8LJdB3Fh9gIlfc1M21q:XtbBlXb891hRlcM21

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23ae741f16fcd43d8dbaf3d19abf100b_JaffaCakes118

Files

23ae741f16fcd43d8dbaf3d19abf100b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

624cad777d783e4a24c44cfcdd39f158

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
ExitProcess
LocalAlloc
GetCommandLineA
GetStringTypeA
GetStartupInfoA
VirtualAllocEx
GetConsoleWindow
WaitForMultipleObjects
DuplicateConsoleHandle
GetDefaultCommConfigA
GetPriorityClass
GetModuleFileNameA
GetVolumeInformationA
GetCalendarInfoA
IsBadStringPtrA
SetEndOfFile
TransmitCommChar
SetHandleInformation
PostQueuedCompletionStatus
ReadConsoleInputA
WriteConsoleOutputA

user32

EnumDisplaySettingsExA
ExcludeUpdateRgn
CallNextHookEx
ChangeClipboardChain
TranslateAcceleratorA
MapDialogRect
GetDlgCtrlID
GetLastInputInfo
PostThreadMessageA
ChangeDisplaySettingsA
CharNextExA
GetMenuItemRect
GetUserObjectInformationA
MapVirtualKeyA
DispatchMessageA
UnregisterMessagePumpHook
RegisterWindowMessageW
IsIconic

gdi32

DeleteObject
LineTo
PatBlt
StretchBlt

advapi32

RegOpenKeyExA
RegCloseKey

Exports

Exports

AddCfxipymsns
Quvhfwqfxoq

Sections

.textbbs
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 52KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

624cad777d783e4a24c44cfcdd39f158

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.textbbs Size: - Virtual size: 1KB

.text Size: 52KB - Virtual size: 185KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.textbbs
Size: - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 185KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB