3d6b42a25599aef4a5bfb68a6fc3f253_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d6b42a25599aef4a5bfb68a6fc3f253_JaffaCakes118
Size

196KB
MD5

3d6b42a25599aef4a5bfb68a6fc3f253
SHA1

bb603ac7d269a28ea4d0caa5d1543eb3f3d56c2f
SHA256

1698d151e37c4aa052053560c7e2dae1deebde5c8a46493480e4b06b47cdb7a8
SHA512

5b0dc23899007b60ec3c63d5f5cfc7c0d66bba5465ab70ab4abcd9b6c4ac1d2d168359d9096fb421f4e0c4a9ca5dd1a45f092808d6c6b96cf502c3e6e6a70212
SSDEEP

3072:4dbjvf/3xX+bsQ9GymOqxs70Evw0CantiKfpWmN5nRV:Y3ZX+bsQCOPEC/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d6b42a25599aef4a5bfb68a6fc3f253_JaffaCakes118

Files

3d6b42a25599aef4a5bfb68a6fc3f253_JaffaCakes118
.dll windows:4 windows x86 arch:x86

12b422d06060a3db6be0ae1e6eb33402

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeResource
LockResource
FindResourceA
LoadResource
SizeofResource
VirtualProtect
VirtualFree
LoadLibraryA
GetProcAddress
GetLocalTime
GetModuleHandleA
VirtualAlloc
GetLastError
CreateEventA
CreateFileA
SetLastError
GetTickCount
CloseHandle
Sleep
UnlockFileEx

user32

PostQuitMessage
KillTimer
SetCursor
SetCursorPos
wsprintfA
IsIconic
SetTimer
GetCursorPos
GetDesktopWindow
GetWindowRect
MessageBoxW

msvfw32

DrawDibOpen

Exports

Exports

GetOut
MainReloader
ReadVA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bss
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsec
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsec
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsec
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hsec
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.�sec
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12b422d06060a3db6be0ae1e6eb33402

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvfw32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 52KB - Virtual size: 51KB

.rsrc Size: 104KB - Virtual size: 101KB

.reloc Size: 4KB - Virtual size: 328B

.bss Size: 4KB - Virtual size: 512B

.rsec Size: 4KB - Virtual size: 512B

.dsec Size: 4KB - Virtual size: 512B

.lsec Size: 4KB - Virtual size: 512B

.hsec Size: 4KB - Virtual size: 512B

.�sec Size: 4KB - Virtual size: 512B

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 52KB - Virtual size: 51KB

.rsrc
Size: 104KB - Virtual size: 101KB

.reloc
Size: 4KB - Virtual size: 328B

.bss
Size: 4KB - Virtual size: 512B

.rsec
Size: 4KB - Virtual size: 512B

.dsec
Size: 4KB - Virtual size: 512B

.lsec
Size: 4KB - Virtual size: 512B

.hsec
Size: 4KB - Virtual size: 512B

.�sec
Size: 4KB - Virtual size: 512B