8a93e178c29124a7da8bca3ad9c43e6e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8a93e178c29124a7da8bca3ad9c43e6e_JaffaCakes118
Size

86KB
MD5

8a93e178c29124a7da8bca3ad9c43e6e
SHA1

2ee7354f7ea9a850a5451ff78f05cad000f720ad
SHA256

047122881c5549974c021c7ff5969f21784910485541bded18e041884912c951
SHA512

a684df25af160b2b5d8dfadc1914695529f2f901f66fbb0403f78a1f799f9fcce27182d082f9afe4919eca7b0da6f1b03e41b3ce38a008f4381e0c66bb0c4ea5
SSDEEP

1536:08UvoE81Sxmand42gWvty+51LTq4zQHir8AUQQPlTbTM4I6zj2dckp3sE6YvHEgJ:TUvoZSxmad42gWvdLTsHhZQST/tI6zqz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a93e178c29124a7da8bca3ad9c43e6e_JaffaCakes118

Files

8a93e178c29124a7da8bca3ad9c43e6e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f95e4440bf073263ec26230ccc8c2e18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
FreeLibrary
GetVersion
DisableThreadLibraryCalls
lstrlenW
LocalFree
LocalAlloc
GetVersionExA
GetModuleHandleW
GetWindowsDirectoryW
GetModuleFileNameW
LoadLibraryW
GetCurrentProcess

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

gdi32

GetStockObject
SelectObject
GetTextExtentPointW
SetTextAlign
GetDeviceCaps
DeleteObject

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysAllocString

shlwapi

SHRegSetPathW
wnsprintfW
StrCmpIW
PathParseIconLocationW
StrChrW
StrCmpW
StrCpyW
ord124
ord130
ord125
PathAppendW
StrCpyNW
StrCatBuffW
StrCatW
StrCmpNIW
ord145
ord107
ord97
ord81
ord215
ord217
ord346
ord306
ord136
ord141
ord94
ord219
ord299
ord53
ord56
ord131
ord102
ord135
ord413
ord271
ord149
ord59
ord497
ord309
ord394
ord434
ord460
ord344
ord128
ord120
ord199

user32

GetSystemMetrics
ShowWindow
GetWindowLongA
SetWindowPos
BeginPaint
EndPaint
GetWindowRect
ReleaseDC
GetDC
IsDlgButtonChecked
CheckDlgButton
InvalidateRgn
GetFocus
GetDialogBaseUnits
GetDlgItem
EnableWindow
EndDialog
SetFocus
GetParent

shell32

ord258
ord259
ord147
ord62

msvcrt

_except_handler3

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f95e4440bf073263ec26230ccc8c2e18

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

ole32

oleaut32

shlwapi

user32

shell32

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.data Size: 57KB - Virtual size: 57KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 3KB - Virtual size: 2KB