3f8b0945d9ce782f045f8646e4c67928_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f8b0945d9ce782f045f8646e4c67928_JaffaCakes118
Size

373KB
MD5

3f8b0945d9ce782f045f8646e4c67928
SHA1

74b21a36824e9934324e026e4bad437edb8c94aa
SHA256

f8beedc7035fe7c74827e1778f8f5567927caf6a887544452fdb879305a76c69
SHA512

1e317549015433ae3ff34397c5b0f8d32b6ec759f2d576a01ed8fc0966a641a86cc652ce67cbcce2ae0c7848a312276a75419f74ac94a85da966a73e5bbe23c1
SSDEEP

6144:aOhK3Us8/4QL6OIFlT1azcvb//yui6SRDWXcHOEFXHID/g2vAdJ:5i8jL6OIFfYuby2DMHzXHID/g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f8b0945d9ce782f045f8646e4c67928_JaffaCakes118

Files

3f8b0945d9ce782f045f8646e4c67928_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7b17f6b26140bd77c03812e98988c13d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ltkrn13n

ord285
ord116
ord171
ord283
ord134
ord218
ord212
ord169
ord139
ord125

ltdis13n

ord138
ord118
ord119
ord184
ord132
ord122

kernel32

LoadLibraryA
HeapAlloc
VirtualAlloc
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
GetTickCount
lstrlenA
GetVersion
HeapFree
ExitProcess
TerminateProcess
GetACP
GetModuleFileNameA
GetCommandLineA
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
GetOEMCP
HeapCreate
SetHandleCount
GetProcAddress
GetModuleHandleA
GetCPInfo
WriteFile
GetCurrentProcess
HeapDestroy

user32

IntersectRect
ScrollDC
SetRect
OffsetRect
DrawTextA
IsRectEmpty
InflateRect

gdi32

CreatePalette
GetTextExtentPoint32A
PatBlt
GetClipBox
GetPaletteEntries
CreateDCA
CreateEllipticRgn
CombineRgn
StretchBlt
RealizePalette
GetPixel
SetPixel
Rectangle
RoundRect
OffsetRgn
PaintRgn
FrameRgn
CreateRectRgn
SaveDC
CreateBrushIndirect
UnrealizeObject
GetNearestColor
SetPolyFillMode
CreatePatternBrush
SetBrushOrgEx
GetObjectA
CreateFontIndirectA
SelectPalette
ExtTextOutA
DeleteObject
SelectObject
CreatePen
CreateSolidBrush
BitBlt
RestoreDC
SelectClipRgn
Polygon
Ellipse
GetStockObject
SetTextAlign
Pie
SetBkColor
SetBkMode
CreateHatchBrush
SetTextColor
DeleteDC
CreateBitmap
CreateCompatibleDC
GetTextColor
CreateCompatibleBitmap

Exports

Exports

DllMain
L_EfxDraw3dShape
L_EfxDraw3dText
L_EfxDrawFrame
L_EfxDrawRotated3dText
L_EfxEffectBlt
L_EfxGradientFillRect
L_EfxPaintBitmap
L_EfxPaintTransition
L_EfxPatternFillRect
L_PaintDCEffect
L_PaintRgnDCEffect

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b17f6b26140bd77c03812e98988c13d

Headers

File Characteristics

Imports

ltkrn13n

ltdis13n

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

.idata Size: 174KB - Virtual size: 174KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB

.idata
Size: 174KB - Virtual size: 174KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB