73378d2bf312892f6a4705fa5f874442_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73378d2bf312892f6a4705fa5f874442_JaffaCakes118
Size

673KB
MD5

73378d2bf312892f6a4705fa5f874442
SHA1

ec5810f47e50db253d333188148c56424c5bf2f5
SHA256

8456a3d972ba1204dc5c8df84e92e829165a8f0a78c124c734a40b3536783163
SHA512

90dae990d53615c8d4079197ec3897a6aed4cc437e6800684da2c1d7d9ffa2bc0f8d0b2981e28f1dedec7313253b61b90e106e4c0315c13b04bbd3093ef74e77
SSDEEP

12288:sbYPFjNCRzcUAY9Sjb1E5lIOQbQMjAHaIQBAanFtXufIIRFYYRL67vLxIm:sbY6Zc0SjbO5lIOQcmAfQBAGtX4qYRyJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73378d2bf312892f6a4705fa5f874442_JaffaCakes118

Files

73378d2bf312892f6a4705fa5f874442_JaffaCakes118
.dll windows:5 windows x86 arch:x86

67235602f67f47b7fecca67e73751e95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

vistacooperation_u_vc9

?IsDesktopWindowManagerAvailable@DesktopWindowManager@@SA_NXZ

mfl_u_vc9

?IsMagixFont@CMFLFont@@SAHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z

user32

SetPropW

gdi32

GetRgnBox

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW

advapi32

SetSecurityDescriptorControl

shell32

ShellExecuteW

comctl32

FlatSB_EnableScrollBar

shlwapi

PathSkipRootW

ole32

CoUninitialize

oleaut32

SysFreeString

netapi32

Netbios

ws2_32

connect

gdiplus

GdipCreateFromHDC

playripl

iplDeallocate

ijl10

ord4

winmm

timeGetTime

rpcrt4

UuidCreate

Exports

Exports

ProteinDLL_Hibernate

Sections

.text
Size: 655KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67235602f67f47b7fecca67e73751e95

Headers

File Characteristics

Imports

kernel32

vistacooperation_u_vc9

mfl_u_vc9

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

netapi32

ws2_32

gdiplus

playripl

ijl10

winmm

rpcrt4

Exports

Exports

Sections

.text Size: 655KB - Virtual size: 2.5MB

.rsrc Size: 16KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 512B

.text
Size: 655KB - Virtual size: 2.5MB

.rsrc
Size: 16KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 512B