28a9ba9721f9c2533aeba753acc13401_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28a9ba9721f9c2533aeba753acc13401_JaffaCakes118
Size

1.1MB
MD5

28a9ba9721f9c2533aeba753acc13401
SHA1

b4dd12a0f182e08adb6988e58c6ec71b33233dae
SHA256

46ac89d205692ef3a4f5483d5c274796e1a71c0cb3e3861ace8fc7334e9ea389
SHA512

71cb731074a6e22b601091613b8e321e47263b55887e8c04ee9f34665c859fc0c2c0a2a203d47ddee64e9ceb548d78e30ab2e773354ac8bc8c948390fc1d19ec
SSDEEP

24576:8ltlYFQKMtT9OsZE6SL86L0BulGFrudm/StqqiqphmKbG:uzd9tTlZExA6L0BZFKihqi0hbK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28a9ba9721f9c2533aeba753acc13401_JaffaCakes118

Files

28a9ba9721f9c2533aeba753acc13401_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

FreeMainForm
InitMainForm
LeadLinProcNotify
TrailLinProcNotify

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 28KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

khdjg1jt
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cnbj2.9z
Size: - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rjs8ade2
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mycol94g
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 1.3MB

.itext Size: - Virtual size: 8KB

.data Size: - Virtual size: 116KB

.bss Size: - Virtual size: 28KB

.idata Size: - Virtual size: 16KB

.edata Size: 2KB - Virtual size: 4KB

khdjg1jt Size: - Virtual size: 92KB

.rsrc Size: 9KB - Virtual size: 528KB

cnbj2.9z Size: - Virtual size: 248KB

rjs8ade2 Size: 1.0MB - Virtual size: 1.0MB

mycol94g Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 1.3MB

.itext
Size: - Virtual size: 8KB

.data
Size: - Virtual size: 116KB

.bss
Size: - Virtual size: 28KB

.idata
Size: - Virtual size: 16KB

.edata
Size: 2KB - Virtual size: 4KB

khdjg1jt
Size: - Virtual size: 92KB

.rsrc
Size: 9KB - Virtual size: 528KB

cnbj2.9z
Size: - Virtual size: 248KB

rjs8ade2
Size: 1.0MB - Virtual size: 1.0MB

mycol94g
Size: 4KB - Virtual size: 4KB