3e430fa3523fc4b0fd315b4dd7b800be_JaffaCakes118

General

Target

3e430fa3523fc4b0fd315b4dd7b800be_JaffaCakes118
Size

32KB
MD5

3e430fa3523fc4b0fd315b4dd7b800be
SHA1

daf7a0c5d7d625c34bc50de003041c04ea1f9618
SHA256

f924c547aff9ad82b37d254e908af7bbab9e047e17d8fbb486d6216c0b4f3662
SHA512

59729441b3cce2733b4718e5db687c4b1a5f413a8960ca9206a058609598ec7200c833b3f9a265986bd9def0ee7a2842331dac7f3345298ddff175847355ae85
SSDEEP

384:1o2f/tvzZuJL4YXGMMA3Rt5wC/MUMxiJVqTETPcVoMz5hSMlOW7t52+QE+:1oIlZuJTBRyxsWE7cV7z5hVlOWV+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e430fa3523fc4b0fd315b4dd7b800be_JaffaCakes118

Files

3e430fa3523fc4b0fd315b4dd7b800be_JaffaCakes118
.dll windows:4 windows x86 arch:x86

93886cdbc9522139e2d1ef9d761cb76b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CommConfigDialogW
CopyFileExW
DisableThreadLibraryCalls
DuplicateHandle
ExitProcess
GetLongPathNameW
GetPrivateProfileStructW
GetTapeParameters
GetTempPathW
GlobalGetAtomNameW
HeapCreate
HeapDestroy
LockResource
ReadConsoleOutputAttribute
SetThreadContext
SetThreadExecutionState
SleepEx
UTRegister
WriteProfileStringA
lstrcpyn

user32

BeginDeferWindowPos
BroadcastSystemMessageA
ChangeClipboardChain
CloseWindowStation
CreateDialogIndirectParamA
DdeAbandonTransaction
DestroyWindow
EnumPropsExW
GetDC
InvalidateRect
LoadMenuIndirectW
MessageBoxA
MessageBoxIndirectW
MonitorFromPoint
OpenDesktopW
SendMessageA
SetClipboardViewer
SetScrollInfo
SetWindowPlacement
ShowCursor

gdi32

AbortPath
CopyMetaFileW
CreateDiscardableBitmap
CreateEllipticRgnIndirect
CreateICW
CreateRoundRectRgn
DeleteDC
DeleteObject
DeviceCapabilitiesExA
EnumFontFamiliesW
FixBrushOrgEx
GetObjectType
GetRegionData
GetStockObject
GetTextExtentPointA
GetTextFaceW
PolyPolyline
SetEnhMetaFileBits
SetRectRgn
SetWindowExtEx
StretchBlt
StretchDIBits

Exports

Exports

Update

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93886cdbc9522139e2d1ef9d761cb76b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 24KB - Virtual size: 28KB

.idata Size: - Virtual size: 16KB

.rsrc Size: - Virtual size: 28KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 24KB - Virtual size: 28KB

.idata
Size: - Virtual size: 16KB

.rsrc
Size: - Virtual size: 28KB