45f7c5d90469ea131e5039008ac24b5d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

45f7c5d90469ea131e5039008ac24b5d_JaffaCakes118
Size

28KB
MD5

45f7c5d90469ea131e5039008ac24b5d
SHA1

ac57026b8b1a02aceca1f688e906414f9df4d1b0
SHA256

1d45b70491a090ffd3838cfa41d948c51523aaebf25dbeb0fa53d4f1ee260477
SHA512

f9d3905febc06a8f7754c7a8e36daf0d887cacff635cdec74bd866fedf44c8c70c625a50e2bb1a611e7912506016bd7d85c2975a651f3f2d4388becf59452ff8
SSDEEP

192:4B8RyBc2Mg0gg0NtWHAXl237ohsfLIJEo18NvZVhwsJBovVPq4jqdWDIdWdXyCdu:IkqmGhsfLNl9hfB0NqdWEWdiP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45f7c5d90469ea131e5039008ac24b5d_JaffaCakes118

Files

45f7c5d90469ea131e5039008ac24b5d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

03ee0f49dd0ee476da07ab7d305af393

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
VirtualAlloc
GetSystemDirectoryA
GetWindowsDirectoryA
TerminateProcess
GetCurrentProcess
InitializeCriticalSection
SetFilePointer
GetFileSize
WaitForSingleObject
CreateThread
EnterCriticalSection
ReadFile
GetPrivateProfileStringA
ExitThread
GetModuleFileNameA
VirtualProtect
IsBadReadPtr
GetModuleHandleA
LoadLibraryA
CloseHandle
DeleteFileA
VirtualFree
Sleep
MultiByteToWideChar
LeaveCriticalSection

user32

GetWindowTextA
EnumWindows
GetSystemMetrics
wsprintfA
GetWindowRect
GetWindowDC
SetWindowPos
ShowWindow
GetDesktopWindow
IsWindowVisible

gdi32

GetDeviceCaps
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

msvcrt

_initterm
_adjust_fdiv
_strlwr
__CxxFrameHandler
??3@YAXPAX@Z
_strcmpi
strstr
_except_handler3
strchr
atoi
malloc
wcscmp
free
_vsnprintf
??2@YAPAXI@Z

ws2_32

send
connect
htons
closesocket
inet_ntoa
gethostbyname
WSACleanup
socket
WSAStartup
inet_addr

gdiplus

GdipGetImageEncoders
GdipDisposeImage
GdipDeleteGraphics
GdipSaveImageToFile
GdipDrawImageI
GdipScaleWorldTransform
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdiplusStartup
GdipGetImageEncodersSize

Exports

Exports

KsCreateAllocator
KsCreateClock
KsCreatePin
KsCreateTopologyNode

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03ee0f49dd0ee476da07ab7d305af393

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wininet

msvcrt

ws2_32

gdiplus

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 982B

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 982B