8ab42785afa975f21e82f9b654ea37a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ab42785afa975f21e82f9b654ea37a2_JaffaCakes118
Size

178KB
MD5

8ab42785afa975f21e82f9b654ea37a2
SHA1

16ea65cda3a8878862aae66018a2350183dc24b8
SHA256

d0b56b95f5f80b4e44a791c5eadb9d0a0ec483f19315f5077df708f82cf4217b
SHA512

e3af32f0749853c3d397e04baa98d866eac7e8b788b240c21e926fb5a67a49df73a29e1fa8d7c19bc32a0cd0d9bbeeb1586b88f56b471a03bb89b96284eb5be0
SSDEEP

3072:+40NNmgZF+0kgXsrgPDvcDI01vV6b5+pHJl6R8dOMx1uLIkQtDkmHyfZBUNZ7oaM:t0Nk0+0vXskrcDI496bY5L6R8QMxYsBK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ab42785afa975f21e82f9b654ea37a2_JaffaCakes118

Files

8ab42785afa975f21e82f9b654ea37a2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dc667268c8c400945535679dca6140c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetObjectA
GetDIBColorTable
GetBkMode

kernel32

LocalAlloc
VirtualAlloc
GetACP
GetCurrentThreadId
ExitProcess
GetCommandLineA
GetCurrentProcessId

user32

OemToCharA
CallWindowProcA
SetScrollRange
OpenIcon
SetMenu
IsCharUpperA
LoadKeyboardLayoutA
CheckMenuItem
OffsetRect
IsChild
PeekMessageA
SetWindowsHookExA
DrawTextA
CreateWindowExA
SetCursor
KillTimer
GetCursor
GetIconInfo
FillRect
GetTopWindow
DestroyCursor
GetMenuItemID
DrawIconEx
GetParent
LoadBitmapA
SetScrollPos
GetDesktopWindow
PeekMessageW
PtInRect
GetKeyState
GetClientRect
SetCapture
GetSysColorBrush
DefWindowProcA
GetKeyboardLayoutList
MessageBoxA
CharNextA
wsprintfA
ReleaseDC
DrawAnimatedRects
GetPropA
GetForegroundWindow
CharLowerA
SetActiveWindow
ActivateKeyboardLayout
CharUpperBuffA
DrawEdge
SystemParametersInfoA
TrackPopupMenu
OpenClipboard
InsertMenuA
RedrawWindow
IsMenu
TranslateMDISysAccel
EndPaint
DrawFrameControl
GetWindowTextLengthA
SetWindowPos
GetMenuItemInfoA
SetForegroundWindow
SetWindowPlacement
IsZoomed
GetKeyboardType
GetMenu
SetScrollInfo
DispatchMessageW
RegisterWindowMessageA
RegisterClipboardFormatA
FrameRect
EndDialog
GetClassInfoA
GetDlgItem
SetWindowTextA
GetDCEx

shell32

Shell_NotifyIconW

Exports

Exports

7N0lc5_4TQja
_RY9uoOhsos
HDI1EdLgwe32vp
ivoumG@16
_w9aB708U73NjVS
nQvtH4p
_QzkJfRlgcR
_IIK5kKKVwbhoq@16
_hbsgp@16
cjYOhd6@12
_ksy4d@16
_yjoiMmWOWz1N
_HHwVWKao@12
xJnrmWS@12
LvVJd0k_7gIQ@8
kwXzONm_1Pl
_2g9sy7m
tSAXLOv
XnVT7
_eW5CT

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc667268c8c400945535679dca6140c9

Headers

File Characteristics

Imports

gdi32

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 151KB - Virtual size: 335KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 151KB - Virtual size: 335KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 2KB