3b833c7f214405897624e5915db8980c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3b833c7f214405897624e5915db8980c_JaffaCakes118
Size

82KB
MD5

3b833c7f214405897624e5915db8980c
SHA1

a456aad966a5f93b2c622df5e30173221a23ec7b
SHA256

91077988eff8ade56fd574b7a346dab21b1269ace0a6926d7157f42085963264
SHA512

ed86315b82ef15e6d61dfab0e35b9fa3e20e82cd9de2725a39f37b9714eafaf29ceb1dc6f038d568387c5d0b46c461972828ec2c8ff7b07682ec72476c465d86
SSDEEP

1536:Vr8fY5Zo6kWQjL3FSyrQcgjGygv4h5B8C2/yEin5xZ1oaU:VgYgqcL3F7Qcg6n4Synn531oZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b833c7f214405897624e5915db8980c_JaffaCakes118

Files

3b833c7f214405897624e5915db8980c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6e9429098b08c26328b918355d62d1fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallNextHookEx
ReleaseDC
InvalidateRect
IsWindowUnicode
CharNextW
CallWindowProcW
MessageBoxA
SetPropW
GetParent
ValidateRect
GetSysColor
DrawFocusRect
DefDlgProcW
SetWindowLongA
ShowCaret
SendMessageW
HideCaret
GetWindowTextW
GetClassInfoW
GetWindowTextLengthW
OffsetRect
UnhookWindowsHookEx
IntersectRect
GetWindow
ClientToScreen
GetFocus
SetWindowLongW
GetWindowRect
SetWindowsHookExW
EndPaint
DrawTextW
GetSystemMetrics
GetWindowLongW
GetPropW
BeginPaint
IsWindowEnabled
GetDC
CharPrevW
GetClassNameW
DefWindowProcW
IsIconic
ScreenToClient
GetWindowDC
GetClientRect
RemovePropW
InflateRect
ExcludeUpdateRgn
MapWindowPoints

ws2_32

WSAGetLastError

kernel32

GlobalAlloc
EnterCriticalSection
lstrlenW
lstrcmpiW
GetProcAddress
GetProfileStringW
GetVersion
GetWindowsDirectoryW
lstrcmpW
GlobalFree
GlobalAddAtomW
VirtualAlloc
GetModuleHandleA
SizeofResource
InitializeCriticalSection
GetSystemDirectoryW
LeaveCriticalSection
GlobalDeleteAtom
GetModuleFileNameW
GetCurrentThreadId
GetEnvironmentVariableW
LoadResource

ntdll

NtFindAtom

adsldpc

ADsFreeColumn

gdi32

CreateSolidBrush
CreateDIBitmap
SelectObject
CreateCompatibleDC
SetBkColor
GetTextExtentPointW
DeleteObject
DeleteDC
SetTextColor
BitBlt
ExtTextOutW
PatBlt
GetDeviceCaps
SetBkMode
IntersectClipRect

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e9429098b08c26328b918355d62d1fd

Headers

DLL Characteristics

File Characteristics

Imports

user32

ws2_32

kernel32

ntdll

adsldpc

gdi32

Sections

.textbss Size: - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 444B

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 816B

.idata Size: 79KB - Virtual size: 78KB

.textbss
Size: - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 444B

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 816B

.idata
Size: 79KB - Virtual size: 78KB