7375465a19570d74ed4711e3f5ee5bc0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7375465a19570d74ed4711e3f5ee5bc0_JaffaCakes118
Size

43KB
MD5

7375465a19570d74ed4711e3f5ee5bc0
SHA1

01991b027e110073444bf608e6a685d9e99b65e2
SHA256

158c7527096352757719fe440afe685198e6a2269ffec24a5b050d2c0730204e
SHA512

f514ed5632fd9fb99813d5ae3a8515dc6014cd97782ceae17cb6fbab4d860aa5a508fe1709734be2a7f0725514637d049e759ed25bd72cd94d70bac7df45c195
SSDEEP

768:4luSU9ZXFYmWuCZAxnjKTdny+pGgeKJxejxxxD+OR:4luSUlYmbwsnMy+pGgeKJxeJK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7375465a19570d74ed4711e3f5ee5bc0_JaffaCakes118

Files

7375465a19570d74ed4711e3f5ee5bc0_JaffaCakes118
.dll windows:1 windows x86 arch:x86

b438e7ca4846b136e6c98d8ff07910b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetStdHandle
WriteFile
ExitProcess
VirtualAlloc
VirtualFree
GetTickCount
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetCPInfo
GetOEMCP
GetACP
FreeEnvironmentStringsA
GetEnvironmentStrings
GetVersion
LoadResource
FindResourceA
LockResource
GetProfileStringA
GlobalAddAtomA
GlobalDeleteAtom
lstrcatA
GetCurrentThreadId
lstrcpyA
lstrlenA
lstrcmpA

gdi32

SetBitmapBits
GetBitmapBits
SetDIBits
GetTextMetricsA
CreateFontIndirectA
GetObjectA
ExcludeClipRect
GetBkColor
IntersectClipRect
SaveDC
CreateCompatibleDC
CreateCompatibleBitmap
RectVisible
ExtTextOutA
CreateSolidBrush
SetTextColor
SetBkMode
SetBkColor
RestoreDC
DeleteDC
DeleteObject
BitBlt
GetTextColor
GetTextExtentPoint32A
SelectObject
GetStockObject

user32

SetRectEmpty
IsRectEmpty
IsZoomed
DeferWindowPos
SystemParametersInfoA
LoadCursorA
wsprintfA
EqualRect
RemovePropA
SetPropA
IsWindow
GetPropA
SetWindowLongA
CharLowerA
RegisterClassA
RegisterWindowMessageA
UnregisterClassA
GetWindow
UpdateWindow
IntersectRect
DrawFrameControl
ScreenToClient
SetCapture
ReleaseCapture
PostMessageA
GetSysColor
GetKeyNameTextA
MapVirtualKeyA
MessageBeep
GetCapture
GetParent
CallNextHookEx
SendMessageA
UnhookWindowsHookEx
SetWindowsHookExA
OffsetRect
GetClientRect
SetWindowPos
GetWindowLongA
SetRect
FillRect
DrawFocusRect
IsWindowVisible
SetScrollRange
MoveWindow
CreateWindowExA
GetSystemMetrics
DestroyWindow
InflateRect
SetScrollPos
GetDC
ReleaseDC
KillTimer
SetTimer
GetKeyState
SetFocus
PtInRect
InvalidateRect
GetWindowTextA
EndPaint
BeginPaint
ShowWindow
SetCursor
DefWindowProcA

comctl32

ord17

Sections

.edata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IMP__DAT
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b438e7ca4846b136e6c98d8ff07910b9

Headers

File Characteristics

Imports

kernel32

gdi32

user32

comctl32

Sections

.edata Size: 512B - Virtual size: 512B

.idata Size: 3KB - Virtual size: 3KB

_TEXT Size: 32KB - Virtual size: 32KB

IMP__DAT Size: 3KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 512B

.idata
Size: 3KB - Virtual size: 3KB

_TEXT
Size: 32KB - Virtual size: 32KB

IMP__DAT
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB