5f6210895167b1487555d016a9548a3c_JaffaCakes118

General

Target

5f6210895167b1487555d016a9548a3c_JaffaCakes118
Size

172KB
MD5

5f6210895167b1487555d016a9548a3c
SHA1

1be181d70da227b32dfd999c08bb24ba4f69a8d8
SHA256

f977c6f4f5849b229ae1f27ea8074b338522d378951ee94678c58dd59ceeff35
SHA512

75f9dae2384e2fd5172579046b90964dc5636277925902b8276042589929ffede861d015b202fa3292404ba76b4feffdf2108e609c700981dbcd1e10d52a98ae
SSDEEP

3072:4XbPSGm8GA9yhBLztEb8+0tkux6SUtfPSKGSd96RwFFnLRO2:4rPSP89g1EQ+s9x6BhGSSSFnLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f6210895167b1487555d016a9548a3c_JaffaCakes118

Files

5f6210895167b1487555d016a9548a3c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a233dfef75b499d9b86722ff9f938b20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FindResourceA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
IsDebuggerPresent
LoadResource
LockResource
MapViewOfFile
MultiByteToWideChar
RtlUnwind
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsSetValue
UnmapViewOfFile

msvcrt

__p__commode
__set_app_type
_except_handler3
_exit
fwprintf
isdigit
strpbrk
wcscat
setlocale

user32

EnableWindow
EnumWindows
ExitWindowsEx
GetDlgCtrlID
GetMenuCheckMarkDimensions
GetMenuItemID
SendMessageA
SetScrollInfo
SetMenuItemInfoA

oleaut32

GetErrorInfo
SafeArrayAccessData
SafeArrayAllocDescriptor
SafeArrayCreate
OleIconToCursor

shlwapi

SHDeleteEmptyKeyA
SHDeleteValueA
PathFindOnPathA
ChrCmpIA
SHOpenRegStreamA
SHQueryInfoKeyA
SHSetValueA
StrRStrIA
PathGetCharTypeA
StrToIntA

Exports

Exports

CaptureDeviceDialog
TTF_WasInit

Sections

.text
Size: 108KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a233dfef75b499d9b86722ff9f938b20

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 188KB

.data Size: 61KB - Virtual size: 64KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 108KB - Virtual size: 188KB

.data
Size: 61KB - Virtual size: 64KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB