84cb4307b9228800824f2894b1fb7f64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84cb4307b9228800824f2894b1fb7f64_JaffaCakes118
Size

115KB
MD5

84cb4307b9228800824f2894b1fb7f64
SHA1

ddfa47fbd99f2d332991137376e5c80b1c294430
SHA256

8ae3dfc01aef130845f2e2ecf22aa8f0454607f42c8eeff57c106c4026fb818d
SHA512

e712230732b0e25db7cbfe000670f07f08859d4dd58e334924739d6c2b9f91d188faa1769490c186b2340a50b884081021b49ae5fcd345745d8c441a0afbffbb
SSDEEP

3072:ElGdHqQUg+WUkSG3qQPY2p26PRFovOLzdc:Ecg5gLRSGTPYuovO1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84cb4307b9228800824f2894b1fb7f64_JaffaCakes118

Files

84cb4307b9228800824f2894b1fb7f64_JaffaCakes118
.dll windows:5 windows x86 arch:x86

329f9ab30c7d126f94673f5d5122db65

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Y:\qneJF\uizlbgvk\pbpXEc\BuqSr.pdb

Imports

user32

IsCharUpperA
GetPropW
LoadStringW
GetUpdateRect
FindWindowA
EnumChildWindows
IsDialogMessageA
GetDialogBaseUnits
GetWindowLongW
DefFrameProcW
GetClassInfoA
ShowScrollBar

kernel32

GetProcAddress
LocalSize
ClearCommBreak
GetComputerNameExA
lstrcmpiW
LockFile
ConvertDefaultLocale
AreFileApisANSI
GetFileInformationByHandle
lstrlenW
GlobalLock
LoadLibraryW

shlwapi

StrCmpNW

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetImageCount

comdlg32

FindTextW
PageSetupDlgW
CommDlgExtendedError

gdi32

EnumFontFamiliesW
RectVisible
ExcludeClipRect
GetBitmapBits
GetObjectW
ResizePalette
SetBkColor

Exports

Exports

?ugceraSfSAjpiM@@YGFI@Z
?tsHYxduEnt@@YGXPANK@Z
?wBrxQKRTJrtEhouQYPceY@@YGDH@Z
?NgFsfcQxqhdMjfwhyenrdq@@YGXPAM@Z

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 209B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

329f9ab30c7d126f94673f5d5122db65

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

shlwapi

comctl32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 209B

.temp Size: 77KB - Virtual size: 77KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 209B

.temp
Size: 77KB - Virtual size: 77KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 2KB