266dd33d18e20b005b074e73f7cf9f39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

266dd33d18e20b005b074e73f7cf9f39_JaffaCakes118
Size

106KB
MD5

266dd33d18e20b005b074e73f7cf9f39
SHA1

aec3d14eaebe1d3ee47bf14f7ac701e9fbbae1af
SHA256

116e84ad358744160fa2047d39b4cc332041be2f1ded5100ec838023a8a1f415
SHA512

4f0a64beda0559e1827b1148a66f3a6631911f5c7efbe5c62fa2cc475f7ca3f3f33c9bdb52a11147bb15c05798c05f1e37d375e2a9c65d3e5089a7f70019c3a7
SSDEEP

1536:D3BmaGZFk+p7iyyd7DQAZs7eWQb65eDNaMIPK5V/d66t1QBYFyITGMxoPw1:D3eFmyKQAZsSRbZcPK5Nd66t1Llaisw1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
266dd33d18e20b005b074e73f7cf9f39_JaffaCakes118

Files

266dd33d18e20b005b074e73f7cf9f39_JaffaCakes118
.dll windows:4 windows x86 arch:x86

94a3bda5a22736c801ac1404ffbafa56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GdiConvertAndCheckDC
CreateDIBSection
GdiEntry5
GetPaletteEntries
GetRasterizerCaps
GdiConvertEnhMetaFile
GetROP2
DeviceCapabilitiesExA
GdiGetBatchLimit
StrokePath
GdiValidateHandle
Escape
ChoosePixelFormat
SetMapperFlags
SelectPalette
GetObjectA
PlayEnhMetaFile
GetEnhMetaFileBits
GetPixel
GetTextColor
EnumEnhMetaFile
GetBkColor
CreateCompatibleDC
CreateFontIndirectW
SetViewportExtEx
GdiEntry7
SetVirtualResolution
GdiEntry10
GetEnhMetaFileW

kernel32

SetSystemPowerState
SetFileAttributesA
VirtualAlloc
SuspendThread
ReadConsoleA
GetConsoleAliasesA
FlushConsoleInputBuffer
RemoveDirectoryW
InterlockedDecrement
ReadConsoleInputW
SetCommState
LocalFileTimeToFileTime
ResetEvent
SetCommMask
SetProcessPriorityBoost
WritePrivateProfileStructW
LocalLock
InterlockedExchangeAdd
WritePrivateProfileStringA
SetProcessShutdownParameters
VirtualAllocEx
SetConsoleTextAttribute
EndUpdateResourceW
ClearCommBreak
FileTimeToDosDateTime
ExitProcess
GetDriveTypeW

ole32

CoTreatAsClass
OpenOrCreateStream
HACCEL_UserSize
OleMetafilePictFromIconAndLabel
GetHGlobalFromStream
CoSetState
CoSuspendClassObjects
IsAccelerator
HPALETTE_UserSize
OleInitialize
CoRegisterPSClsid
CreateClassMoniker
CoFreeLibrary
HPALETTE_UserFree
UtConvertDvtd32toDvtd16
CoGetObject
CreateDataCache
PropVariantClear
CLIPFORMAT_UserSize
SNB_UserMarshal
SetDocumentBitStg

oleaut32

VarCyFromUI1
VarUI2FromBool
VarR8FromBool
OleIconToCursor
VarBstrFromDisp
SafeArrayDestroyDescriptor
LPSAFEARRAY_UserMarshal
VarBoolFromDisp
VarR8FromUI2
VariantChangeTypeEx
SafeArrayGetElemsize
VarI4FromCy
VarBoolFromUI2
VariantInit
GetErrorInfo
SafeArrayGetElement
RegisterActiveObject
DllCanUnloadNow
VarUI2FromR4
OaBuildVersion
VarR4FromStr
VarUdateFromDate

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94a3bda5a22736c801ac1404ffbafa56

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

oleaut32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 75KB - Virtual size: 224KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 75KB - Virtual size: 224KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 4KB