7131ed28ee30545bc96b358ae8d2718a_JaffaCakes118

General

Target

7131ed28ee30545bc96b358ae8d2718a_JaffaCakes118
Size

61KB
MD5

7131ed28ee30545bc96b358ae8d2718a
SHA1

20882384631a431a8d01dc0cd65509a30758e39c
SHA256

47aaa79a6d64a034cbae149f1a5ea60639db26f538245b902ceaca61da9848c8
SHA512

1ec0a526239685a4e6b8a465390fdbe2000fda80f732d7dd32f064e0d814db163ce561fd717d7f5e81dbb1650b8e055d59fce80da86ff8d34b50b22b292feda4
SSDEEP

1536:FUqVWPcfZHFMC6snW8ps1bsQxm+Pfvt11sMstI/KM:SMW0fZHUsn3qpNnFvsba

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7131ed28ee30545bc96b358ae8d2718a_JaffaCakes118

Files

7131ed28ee30545bc96b358ae8d2718a_JaffaCakes118
.dll windows:10 windows x86 arch:x86

157c002773279c642d01b56ab7998c49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

LineTo
SelectObject
SetBkMode
SetBkColor
SelectObject
SetTextColor
GetTextMetricsW
DeleteDC
SetBkColor
BitBlt
CreateCompatibleBitmap

kernel32

LocalFree
SetEvent
FormatMessageW
LocalAlloc
GetACP
SetUnhandledExceptionFilter
GetCommandLineW
LocalAlloc
WaitForSingleObjectEx
WaitForSingleObject
GetCurrentProcessId
GetCurrentProcess
SetUnhandledExceptionFilter
GetProcessHeap
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameA
LocalFree
GetModuleHandleA

user32

SetTimer
SetTimer
CreateWindowExW
GetWindowRect
SendMessageW
LoadIconW
GetMessageW
ReleaseDC
ShowWindow
GetWindowRect
PostMessageW
ShowWindow
LoadIconW
SetTimer
GetWindowRect
SendMessageW
GetSystemMetrics
ShowWindowAsync

shell32

ShellExecuteExW

advapi32

AddAccessAllowedAce
RegSetValueExW
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

157c002773279c642d01b56ab7998c49

Headers

File Characteristics

Imports

gdi32

kernel32

user32

shell32

advapi32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 49KB - Virtual size: 52KB

.rsrc Size: 1024B - Virtual size: 660KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 49KB - Virtual size: 52KB

.rsrc
Size: 1024B - Virtual size: 660KB

.reloc
Size: 512B - Virtual size: 4KB