34823da73fadee3b42296e0db68357f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

34823da73fadee3b42296e0db68357f0_JaffaCakes118
Size

457KB
MD5

34823da73fadee3b42296e0db68357f0
SHA1

3c420901260fbb306e910e3480635fa5728e4107
SHA256

60dec3309d9f58716943d838a85dab27662b1ae3646669713866b3b2502830fa
SHA512

a376a6866efccfd85b92920878572244adbdc1386ce8f4418f653b987bdf699fc8baf99b4532a69f2ffdb98537568b4cbac26304a962ba2e8976038520ebccd0
SSDEEP

6144:oMaXYjm/W4NS2Fhj2iRSIJMNf/i44nng2xZfAgo0V42oTDrxBLkV4ztlsHJdsUa:haojm+HSSIef4nQgpV2TDrxRkAtmpdK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34823da73fadee3b42296e0db68357f0_JaffaCakes118

Files

34823da73fadee3b42296e0db68357f0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ae4667482717dc7b17b199fd9a2f32df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

GetDlgItemInt
MessageBoxA

gdi32

CreateFontA

Exports

Exports

BabyWolf
ExtremeWolf
MonsterWolf
OutPut
WTProc
WolfLiteEntry
gtGodMode

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LOL1
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.LOL0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LOL2
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LOL3
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae4667482717dc7b17b199fd9a2f32df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 11KB

.LOL1 Size: 5KB - Virtual size: 4KB

.LOL0 Size: 5KB - Virtual size: 5KB

.LOL2 Size: 330KB - Virtual size: 330KB

.LOL3 Size: 34KB - Virtual size: 34KB

.reloc Size: 4KB - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 11KB

.LOL1
Size: 5KB - Virtual size: 4KB

.LOL0
Size: 5KB - Virtual size: 5KB

.LOL2
Size: 330KB - Virtual size: 330KB

.LOL3
Size: 34KB - Virtual size: 34KB

.reloc
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB