464b9d6224258e75fb4343ce38a86194_JaffaCakes118

General

Target

464b9d6224258e75fb4343ce38a86194_JaffaCakes118
Size

117KB
MD5

464b9d6224258e75fb4343ce38a86194
SHA1

f39b393b3dc1fba3dad3b8633631db955edfe8af
SHA256

032f3a18673333a698dfa8e964bf9df9ad23aa4a6d068cac06618f153550ddc6
SHA512

b2a541413116f9a7b39bce6f327973999c18ec2dcf6e7a42ec50984ebfe7c772d102e0ffa9865c6f33df2ee8b135799a1909ff250adc45042178a8c419bf5cae
SSDEEP

3072:qwcKl8rwwJ92A5sdSb/7vT3VpZ9GUZk5oB:7pSrhL2A5sdSz7vbVhbZz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
464b9d6224258e75fb4343ce38a86194_JaffaCakes118

Files

464b9d6224258e75fb4343ce38a86194_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f91d45daa630b70600e991ac982f5897

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\qzey\lvpgBiDx\nLhn\jNdKfy\EhBOtpk.pdb

Imports

gdi32

SetBkColor
SetPixel
GetTextFaceW
CreateHalftonePalette
DPtoLP
SetTextAlign
CreateRectRgn
GetMapMode
OffsetViewportOrgEx

ntdll

_aullrem

user32

GetClassInfoExA
GetScrollPos
TranslateAcceleratorA
GetSystemMetrics
SetCursorPos
UnloadKeyboardLayout
GetWindow
mouse_event
LoadIconW
OemToCharBuffA
GetWindowRect

kernel32

GetSystemDirectoryA
SetHandleCount
FlushFileBuffers
lstrlenW
lstrcmpiA
RemoveDirectoryA
GetTickCount
GetSystemWindowsDirectoryW
GetModuleHandleW
TransactNamedPipe
lstrcmpA
GetProcAddress
ExitThread
SetPriorityClass

Exports

Exports

?auqinmrjBb@@YGEPAMPAH@Z
?NmedVxsxsWqg@@YGKPAKE@Z
?tckipxAS@@YGEHPAK@Z
?ryoflrghwEodlm@@YGPAMPANPAM@Z
?qcKSpaxMfyjbkIAr@@YGPAKPAG@Z
?nmPbYauaNeewCez@@YGGPAKPAM@Z

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f91d45daa630b70600e991ac982f5897

Headers

File Characteristics

PDB Paths

Imports

gdi32

ntdll

user32

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.data Size: 77KB - Virtual size: 77KB

.edata Size: 1KB - Virtual size: 1KB

.crt Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 26KB - Virtual size: 25KB

.data
Size: 77KB - Virtual size: 77KB

.edata
Size: 1KB - Virtual size: 1KB

.crt
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB