87640f0366b145cf50b152f2c1fccc21_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

87640f0366b145cf50b152f2c1fccc21_JaffaCakes118
Size

130KB
MD5

87640f0366b145cf50b152f2c1fccc21
SHA1

bf82fce5c9ca92e908d5e7f5b103d3575d9375ca
SHA256

ca6c97b0beced2ddbf2e57fcd4f3941ecc586707bc7ae479bfd2ffa91ae01190
SHA512

67436b68f15f2016277ec9dd9b696ec048d9a3f18efec449441fc833a7915ca0e610e9328658e6be2352f9e6354cb7e452a6e5b8ae8d8e8537de95b0397d8ff7
SSDEEP

3072:cyQVEnK9tgE4XKdJyHOYhNdPInM7OnMHGZTJEsC9+H:cyQVEggzzdRQMUMHwtEz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87640f0366b145cf50b152f2c1fccc21_JaffaCakes118

Files

87640f0366b145cf50b152f2c1fccc21_JaffaCakes118
.dll windows:9 windows x86 arch:x86

1e80c53ce57baa7f1c1f01c5167b6c57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

CreateCompatibleDC
DeleteDC
CreateFontIndirectW
GetStockObject
CreateCompatibleBitmap
GetObjectW
SelectObject
MoveToEx
SetBkMode
MoveToEx
SetBkMode
DeleteDC
CreateCompatibleDC
GetObjectW
GetDeviceCaps
GetDeviceCaps
TextOutW
SetBkColor
SelectObject
TextOutW
CreateFontIndirectW
TextOutW
CreateBitmap
CreateFontIndirectW
DeleteDC
GetObjectW
SetBkColor
DeleteObject
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
ExtTextOutW
GetTextMetricsW
SetTextColor
GetDeviceCaps
ExtTextOutW
LineTo
CreateSolidBrush
CreateCompatibleDC
GetDeviceCaps
BitBlt
BitBlt
SetBkColor
CreateCompatibleBitmap

user32

SetTimer
GetSystemMetrics
GetDlgItem
LoadIconW
GetKeyboardState
GetMessageW
GetSystemMetrics
SetTimer
GetDC
GetWindowRect
ShowWindow

kernel32

GetCurrentThreadId
HeapAlloc
HeapFree
InitializeCriticalSection
GetTickCount
GetModuleHandleA
GetCommandLineW
ReadFile
FormatMessageW
LoadLibraryA
SetEvent
QueryPerformanceCounter
SleepEx
SetFilePointer
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleA
ExitProcess
VirtualAllocEx
FormatMessageW
GetCurrentProcess

Exports

Exports

TnddLBEnEK
LldYHnCitS
MCFHxu
mJLelHSAP
eRMtDVYSyH
QSZpolX
PxcBkMPVKm
MVMAANlh
ULOClmIg
IHWCsxh

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e80c53ce57baa7f1c1f01c5167b6c57

Headers

File Characteristics

Imports

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 396KB

.data Size: 109KB - Virtual size: 112KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 396KB

.data
Size: 109KB - Virtual size: 112KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB