71ea1eac3c9fd0d5bef4fd3a2d991611_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71ea1eac3c9fd0d5bef4fd3a2d991611_JaffaCakes118
Size

120KB
MD5

71ea1eac3c9fd0d5bef4fd3a2d991611
SHA1

f04eee24d024d59e30bcdb845d826508321d27fa
SHA256

ee764925bb17e26ba7a2932c7a3e1e8a1a25eade94eac4728d978629016ac25d
SHA512

b92ff6538014f6f9fce1e961578c0b715860045149ed0f431fee1cfa3910ba9e92b6e31439ed57cff8eb2b5d4b9500c4654ec42b4f898ea9fff76c2222404e5e
SSDEEP

3072:/mnjvbjWMDqz6QJ0zgi4pIMSQ87OpYD/IEqWIG3I3nh:Ojv2z8zgi1oMbq3GY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71ea1eac3c9fd0d5bef4fd3a2d991611_JaffaCakes118

Files

71ea1eac3c9fd0d5bef4fd3a2d991611_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ed6d699770ed96202b49fc076b68373e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

L:\vvkkcRtmuOh\NfbuBinxqEH\TNwwdwkjxkktLtvS\bebrkPcgFqlinVFrm\gJJangjalbxxdUGMwq\rvbUycEjjEwUY\ghjHdSsnnyh.pdb

Imports

gdi32

GetTextExtentExPointW
SetTextAlign
GetFontData
SelectPalette
SetPaletteEntries
GetTextCharsetInfo
SetWindowExtEx
GetNearestColor
SetROP2
Rectangle
IntersectClipRect
GetCharWidth32W

shell32

ord196
ord195

comdlg32

PrintDlgW
GetOpenFileNameA
GetFileTitleW

kernel32

RegisterWaitForSingleObject
CompareStringA
UnlockFile
SetCommMask
lstrcpyW
GetTimeZoneInformation
FileTimeToLocalFileTime
QueryDosDeviceW
FindResourceExW
SetCurrentDirectoryA
CreateDirectoryW
GetFileAttributesW
GetThreadPriority
SetHandleCount
GetModuleHandleW
SetNamedPipeHandleState

user32

GetWindowTextLengthW
OpenIcon
CharToOemBuffA
DispatchMessageW
AppendMenuW
LoadMenuA
GetMenuState
GetUpdateRgn
CharNextExA
GetClassInfoExW
InSendMessage
GetWindowPlacement
KillTimer
RegisterHotKey
UnloadKeyboardLayout
MapVirtualKeyExW
GetUpdateRect
MessageBoxW
GetFocus
GetDlgItem
RemovePropW
InternalGetWindowText
VkKeyScanW
GetDlgCtrlID
ShowCaret
OemToCharA
DrawTextA
OemToCharBuffA
CharUpperW
RegisterClassExA

shlwapi

StrChrIW

comctl32

PropertySheetW
ImageList_AddMasked
CreatePropertySheetPageW

Exports

Exports

AlphaBlend
?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed6d699770ed96202b49fc076b68373e

Headers

File Characteristics

PDB Paths

Imports

gdi32

shell32

comdlg32

kernel32

user32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 27KB - Virtual size: 27KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 14KB - Virtual size: 150KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 27KB - Virtual size: 27KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 14KB - Virtual size: 150KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB