4756d5e3386d8a596f322d21bed3cd55_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4756d5e3386d8a596f322d21bed3cd55_JaffaCakes118
Size

106KB
MD5

4756d5e3386d8a596f322d21bed3cd55
SHA1

0392b16368cd53f934bb12ec8c9c1b5777923ff8
SHA256

40c2aa8d5553c834968cbed004e06a49bc0ec27ee8b1977f6e7d5007ad0bcf3b
SHA512

e4d808c79288671a9c0f93b5cda910a2b4779a69dcf72a80f0eb02ea04cfb5adf54862915c81cee180fb2f41ea03dc2d2981835f8a3f0b0df06a92fdaa565db3
SSDEEP

1536:D3BmaGZFk+p7iyyd7DQAZs7eWQb65eDNaMIPK5V/d66t1QBYFyITGMxoPwr:D3eFmyKQAZsSRbZcPK5Nd66t1Llaiswr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4756d5e3386d8a596f322d21bed3cd55_JaffaCakes118

Files

4756d5e3386d8a596f322d21bed3cd55_JaffaCakes118
.dll windows:4 windows x86 arch:x86

94a3bda5a22736c801ac1404ffbafa56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GdiConvertAndCheckDC
CreateDIBSection
GdiEntry5
GetPaletteEntries
GetRasterizerCaps
GdiConvertEnhMetaFile
GetROP2
DeviceCapabilitiesExA
GdiGetBatchLimit
StrokePath
GdiValidateHandle
Escape
ChoosePixelFormat
SetMapperFlags
SelectPalette
GetObjectA
PlayEnhMetaFile
GetEnhMetaFileBits
GetPixel
GetTextColor
EnumEnhMetaFile
GetBkColor
CreateCompatibleDC
CreateFontIndirectW
SetViewportExtEx
GdiEntry7
SetVirtualResolution
GdiEntry10
GetEnhMetaFileW

kernel32

SetSystemPowerState
SetFileAttributesA
VirtualAlloc
SuspendThread
ReadConsoleA
GetConsoleAliasesA
FlushConsoleInputBuffer
RemoveDirectoryW
InterlockedDecrement
ReadConsoleInputW
SetCommState
LocalFileTimeToFileTime
ResetEvent
SetCommMask
SetProcessPriorityBoost
WritePrivateProfileStructW
LocalLock
InterlockedExchangeAdd
WritePrivateProfileStringA
SetProcessShutdownParameters
VirtualAllocEx
SetConsoleTextAttribute
EndUpdateResourceW
ClearCommBreak
FileTimeToDosDateTime
ExitProcess
GetDriveTypeW

ole32

CoTreatAsClass
OpenOrCreateStream
HACCEL_UserSize
OleMetafilePictFromIconAndLabel
GetHGlobalFromStream
CoSetState
CoSuspendClassObjects
IsAccelerator
HPALETTE_UserSize
OleInitialize
CoRegisterPSClsid
CreateClassMoniker
CoFreeLibrary
HPALETTE_UserFree
UtConvertDvtd32toDvtd16
CoGetObject
CreateDataCache
PropVariantClear
CLIPFORMAT_UserSize
SNB_UserMarshal
SetDocumentBitStg

oleaut32

VarCyFromUI1
VarUI2FromBool
VarR8FromBool
OleIconToCursor
VarBstrFromDisp
SafeArrayDestroyDescriptor
LPSAFEARRAY_UserMarshal
VarBoolFromDisp
VarR8FromUI2
VariantChangeTypeEx
SafeArrayGetElemsize
VarI4FromCy
VarBoolFromUI2
VariantInit
GetErrorInfo
SafeArrayGetElement
RegisterActiveObject
DllCanUnloadNow
VarUI2FromR4
OaBuildVersion
VarR4FromStr
VarUdateFromDate

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94a3bda5a22736c801ac1404ffbafa56

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

oleaut32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 75KB - Virtual size: 224KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 75KB - Virtual size: 224KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 4KB