694eb53186bdfe42d1b1a270f788f98a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

694eb53186bdfe42d1b1a270f788f98a_JaffaCakes118
Size

673KB
MD5

694eb53186bdfe42d1b1a270f788f98a
SHA1

1e385c9bfcfd94ed091511e39ca54f3f3b2fb1fb
SHA256

031a1e379605ecfa81d5482427cebbb436bf549c7019a4510b6806050e14a762
SHA512

0b53071320f3106fbd9a49dcfcab8ba3c0fa11f3db26de636ef6d2f2546d9cf98abc52e28d98c2f94ce2bd0cad58681454e494a6b55e0fb524efd68b4196425e
SSDEEP

12288:zyY6Gq7IsRpUa0bF1H5SqxXmgnluT2OZubeEXT1l1pPouqIm2AUUQ7Ucy/lD:zjsxCTxWguwCEDL1pDqIoU5Acy/lD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
694eb53186bdfe42d1b1a270f788f98a_JaffaCakes118

Files

694eb53186bdfe42d1b1a270f788f98a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

67235602f67f47b7fecca67e73751e95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

vistacooperation_u_vc9

?IsDesktopWindowManagerAvailable@DesktopWindowManager@@SA_NXZ

mfl_u_vc9

?IsMagixFont@CMFLFont@@SAHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z

user32

SetPropW

gdi32

GetRgnBox

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW

advapi32

SetSecurityDescriptorControl

shell32

ShellExecuteW

comctl32

FlatSB_EnableScrollBar

shlwapi

PathSkipRootW

ole32

CoUninitialize

oleaut32

SysFreeString

netapi32

Netbios

ws2_32

connect

gdiplus

GdipCreateFromHDC

playripl

iplDeallocate

ijl10

ord4

winmm

timeGetTime

rpcrt4

UuidCreate

Exports

Exports

ProteinDLL_Hibernate

Sections

.text
Size: 655KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67235602f67f47b7fecca67e73751e95

Headers

File Characteristics

Imports

kernel32

vistacooperation_u_vc9

mfl_u_vc9

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

netapi32

ws2_32

gdiplus

playripl

ijl10

winmm

rpcrt4

Exports

Exports

Sections

.text Size: 655KB - Virtual size: 2.5MB

.rsrc Size: 16KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 512B

.text
Size: 655KB - Virtual size: 2.5MB

.rsrc
Size: 16KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 512B