28687ecd6595819e385adf53af201c98_JaffaCakes118

General

Target

28687ecd6595819e385adf53af201c98_JaffaCakes118
Size

276KB
MD5

28687ecd6595819e385adf53af201c98
SHA1

a533ffaff0b3efaa0c620ec714b1de199f5cd627
SHA256

88d03c4d66a158109b95b73a8a19668ab8e9717b4ce80459178d3392e6257ec5
SHA512

cf4692a43147340962463d6adf451e213ee8280be53f44fae6c8081bb89790be0bd3bcc2c23a286d3210ffab9b3b90c94c1021710ec8e561d5a74b3810b017a5
SSDEEP

6144:1sNQZaeG8wDoRAsx/MGs9Oken/5WUtTswpWcy+P3SfzBNI:1me9RJx/MGs9D248puLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28687ecd6595819e385adf53af201c98_JaffaCakes118

Files

28687ecd6595819e385adf53af201c98_JaffaCakes118
.dll windows:4 windows x86 arch:x86

399743a5e52747600807b43479eb07c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceNamesW
ExitProcess
GetDefaultCommConfigA
GetPrivateProfileStringW
GetProcessAffinityMask
GetSystemDefaultLCID
GlobalFlags
GlobalReAlloc
IsBadReadPtr
IsDebuggerPresent
LocalAlloc
PeekConsoleInputA
ReadFileScatter
RemoveDirectoryA
RtlUnwind
SetCalendarInfoW
SetLocaleInfoW
SetMailslotInfo
SuspendThread
_lopen
lstrcatW
lstrcpyW
lstrlenW

user32

CharLowerBuffA
CharPrevA
CharUpperW
CopyAcceleratorTableA
CopyRect
DeleteMenu
DlgDirListA
DlgDirListW
EndPaint
EnumPropsExA
ExcludeUpdateRgn
ExitWindowsEx
GetClassInfoW
GetKeyNameTextW
GetScrollPos
HiliteMenuItem
LoadBitmapW
RegisterWindowMessageA
RemoveMenu
SetClipboardData
SetCursor
SetCursorPos
SetMenuItemInfoA
SetWindowContextHelpId
SystemParametersInfoW
TileWindows
UnregisterDeviceNotification

gdi32

AngleArc
BitBlt
CloseFigure
ColorCorrectPalette
CreateDCW
DescribePixelFormat
EnumFontsW
FillPath
GdiFlush
GetEnhMetaFileDescriptionW
GetFontLanguageInfo
GetMetaFileBitsEx
GetNearestColor
GetPolyFillMode
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
PlgBlt
SelectPalette
SetBrushOrgEx
SetPaletteEntries
SetPixelFormat
SetPixelV
SetViewportOrgEx

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

399743a5e52747600807b43479eb07c7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 264KB - Virtual size: 272KB

.rsrc Size: 4KB - Virtual size: 248KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 264KB - Virtual size: 272KB

.rsrc
Size: 4KB - Virtual size: 248KB