2296c0feafb867019ca94b1394d6b259_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2296c0feafb867019ca94b1394d6b259_JaffaCakes118
Size

122KB
MD5

2296c0feafb867019ca94b1394d6b259
SHA1

ad863fb2ec7ef1d67771b4ab13d001528fe931c7
SHA256

ff90f10e48183a2266f7d91c752e1fa26cdd54dedb65f9001cebf7e517572d8b
SHA512

44cadb45cdf98a133b4ce66e48710d0fd9f91a04a66325380e6f9a6abd2496ebf5706170c6274b3fe1c8c493533cdd70bbbac8b1a57cdd5e8f27a1b04d770196
SSDEEP

3072:rbPJbWJwrLn2V/2YrJ+VAGkKu6oB9Ce/TvdZo3I3jMOgxjd+W:rbwJw/nc20xN6u7b1uYY9xjd+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2296c0feafb867019ca94b1394d6b259_JaffaCakes118

Files

2296c0feafb867019ca94b1394d6b259_JaffaCakes118
.dll windows:5 windows x86 arch:x86

96d8ae9a9b7e6bc38795129821007189

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\csxhshlsYGZG\IadrSWymXsS\rRaeMoQnxIEocnhNhdd\qRjgbfBesxy\uyiixznsAmNbynu\mdSemRkuYHwwhj\kndorfzntyexaa.pdb

Imports

shlwapi

StrChrIW

user32

GetForegroundWindow
MoveWindow
BeginPaint
InflateRect
CharToOemA
IsCharAlphaNumericW
DefWindowProcA
SendDlgItemMessageA
SwitchToThisWindow
DialogBoxIndirectParamW
MonitorFromRect
GetMenuStringW
SetClassLongW
GetScrollInfo
GetTopWindow
RegisterClassExA
DialogBoxParamA
GetSysColor
MapDialogRect
InvertRect
GetKeyNameTextW
SetWindowPlacement
ValidateRect
EnumThreadWindows
CreateAcceleratorTableW
wvsprintfW
OpenDesktopW
SetCursorPos

shell32

ord195
ord196

gdi32

GetViewportOrgEx
CreateDCW
RoundRect
CreateBrushIndirect
SetROP2
CreateDIBitmap
TranslateCharsetInfo
LineDDA
SetBkColor
Polygon
GetDeviceCaps
Ellipse
SelectPalette

kernel32

ConvertDefaultLocale
EnterCriticalSection
lstrcpyW
SetThreadLocale
GlobalFree
FindResourceExW
GetFileInformationByHandle
FreeResource
GetShortPathNameW
GetCommConfig
SetThreadPriority
GlobalCompact
GetModuleHandleW
GetFileAttributesA
SetCommState
DefineDosDeviceW

Exports

Exports

AlphaBlend
?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96d8ae9a9b7e6bc38795129821007189

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

shell32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 28KB - Virtual size: 27KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 15KB - Virtual size: 154KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 28KB - Virtual size: 27KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 15KB - Virtual size: 154KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB