66b160711cb7544ec4110643109827be_JaffaCakes118

General

Target

66b160711cb7544ec4110643109827be_JaffaCakes118
Size

71KB
MD5

66b160711cb7544ec4110643109827be
SHA1

b286fb828c4d6cfd2b24ff4c9a0dca41a376482d
SHA256

0855e710726ac4b62c9db86aac522e10a54bd4d72b28700678d904be53f1fd1c
SHA512

0bc0f0df899b8fa35197052daf1c206fa45db059b0db0f2e8df25fc636240adad62674a0ff3567f53fd25cec486f60e98cf2fe85c595f3bd5642eb9687ac4116
SSDEEP

1536:Bz7CXlNPzj6gE0fM9RDw9wpBETpHb41snhHnHjwVkq:B3CXl1zj6gEC86PnhHnHs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66b160711cb7544ec4110643109827be_JaffaCakes118

Files

66b160711cb7544ec4110643109827be_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a6fc8b0f38a00aa7d44d9eb7cf111080

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetVersion
UnhandledExceptionFilter
GetCurrentProcess
GetTickCount
InterlockedCompareExchange
Sleep
InterlockedExchange
SetLastError
GetProcAddress
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapAlloc
HeapDestroy
InterlockedDecrement
GetProcessHeap
HeapFree
GetModuleHandleA
FindResourceW
lstrlenA
GetCommandLineA
VirtualFree
VirtualProtect
InterlockedIncrement
VirtualAlloc

user32

SetRectEmpty
EnableWindow
IsWindow
IsDlgButtonChecked
CopyRect
IsRectEmpty
DestroyWindow
EndDialog
PostMessageW
SendMessageW

gdi32

GetStockObject
SelectObject
SetTextColor
SetBkMode
Polyline
SetROP2
Rectangle

msvcr71

memcpy
_XcptFilter
free
malloc
_initterm
memset
__CppXcptFilter
_onexit
__dllonexit
_adjust_fdiv
_except_handler3

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6fc8b0f38a00aa7d44d9eb7cf111080

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcr71

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 35KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 35KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB