42ff414a29062a09023bef0e586b781a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42ff414a29062a09023bef0e586b781a_JaffaCakes118
Size

129KB
MD5

42ff414a29062a09023bef0e586b781a
SHA1

1c968d11296f173b5726b58f426336597f619813
SHA256

89692b950a74f441dd6d2af85162b516f5c0fc95f9240a2020bc56f26dfb0872
SHA512

f5c125af55e5512b6fa66c00a7253859c99f8ab8ac26ca97a00d266ef7dce15c76c7a77a41a0ab1b6577e92b6d122b87a7bc78e44f1db8fa2ad1952987431770
SSDEEP

3072:PxKrIZYuVcdTnrbAzr77SfuPqNbMr4NaUxs:8rnumd7A/vmt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42ff414a29062a09023bef0e586b781a_JaffaCakes118

Files

42ff414a29062a09023bef0e586b781a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

195d707bcc81ae6cc8fd9aadac9598cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memcmp
memmove
_itoa
memcpy

oleaut32

OleLoadPicture

shell32

DuplicateIcon
ord196
ord195
ExtractIconW

shlwapi

StrChrW

kernel32

SetFileAttributesW
DeleteFileW
CloseHandle
ExitProcess
FindResourceA
FindResourceExW
LoadResource
WaitForSingleObject
SleepEx
EnumResourceTypesA
WaitForMultipleObjectsEx
GetLastError
CreateFileMappingA
LockResource

user32

LoadBitmapW
ShowWindow
CreateIconFromResource
DestroyCursor
SetDlgItemTextA
AnyPopup
BeginPaint
GetSubMenu
TabbedTextOutW
IsIconic
SetSystemCursor
DestroyWindow
EndPaint
InvalidateRect
EnumThreadWindows

gdi32

GetBitmapBits
GetCharacterPlacementW
DeleteDC
SetDIBColorTable
CreateHalftonePalette
GetBitmapDimensionEx
DeleteObject
SelectObject
CreateCompatibleDC
GetTextExtentPointW
GetColorAdjustment
SetTextAlign
EndDoc
CreateDiscardableBitmap
AbortDoc

ole32

CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

Exports

Exports

?BgfjghJHfgfdgf@@YGKKKK@Z
?HGfdhHhfdgsfd@@YGKK@Z
?JfdHjgfhJHfkjhg@@YGKKK@Z

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

195d707bcc81ae6cc8fd9aadac9598cb

Headers

File Characteristics

Imports

msvcrt

oleaut32

shell32

shlwapi

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 44B

.rsrc Size: 119KB - Virtual size: 119KB

.reloc Size: 512B - Virtual size: 338B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 44B

.rsrc
Size: 119KB - Virtual size: 119KB

.reloc
Size: 512B - Virtual size: 338B