8b7e3b5b4a2e7b1a15c8b314e2f5b3c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b7e3b5b4a2e7b1a15c8b314e2f5b3c7_JaffaCakes118
Size

183KB
MD5

8b7e3b5b4a2e7b1a15c8b314e2f5b3c7
SHA1

b94bdbb7c561bea7e15d1a139d2d8f4f84beab0f
SHA256

599927ff7a03faad389c86b4ecce22ef15fe408746df7329eea764c1d8bfe608
SHA512

b89d52b35d4b7b49a20cdc47680b5576ef800d97399deb7b4ac42bd347ef2f622da76de3aea353e834180506be100c3acb1159961520b7fd5be851fcaf5fed6d
SSDEEP

3072:TcM7rAGddoQqKNcWwxihV4AHfCr7uPFM3aSjX6PlmOX3T7:HvndOrKe2VjfLw3+Plmwf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b7e3b5b4a2e7b1a15c8b314e2f5b3c7_JaffaCakes118

Files

8b7e3b5b4a2e7b1a15c8b314e2f5b3c7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1fb32985dcdd02ae092f2a4b6f0258ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

EnableWindow
RemoveMenu
MsgWaitForMultipleObjects
FillRect
EnableMenuItem
LoadCursorA
DrawIcon
GetWindowDC
SetWindowPos
EnumThreadWindows
PtInRect
CharUpperA
SetWindowsHookExA
OpenClipboard
DispatchMessageA
CharLowerA
OemToCharA
ShowOwnedPopups
GetSystemMetrics
GetLastActivePopup
SetTimer
GetKeyboardLayout
DestroyCursor
GetMenuStringA
DestroyIcon
GetMenuItemInfoA
IsWindowVisible
PeekMessageW
RegisterClipboardFormatA
SetForegroundWindow
PostMessageA
GetDlgItem
WindowFromPoint
SetPropA
GetCursor
ActivateKeyboardLayout
GetActiveWindow
GetKeyState
RegisterClassA
RemovePropA
ScreenToClient
CharToOemA
CharNextA
DrawFrameControl
PeekMessageA
CharUpperBuffA
TrackPopupMenu
UnregisterClassA
GetClassLongA
DrawAnimatedRects
UnhookWindowsHookEx
GetMenu
GetCapture
KillTimer
GetSubMenu
GetWindowThreadProcessId
SetFocus
SendMessageA
GetWindowTextLengthA
EnableScrollBar
GetKeyboardType
GetMenuItemCount

version

VerQueryValueA
VerFindFileA
VerInstallFileA

kernel32

HeapAlloc
SizeofResource
GetCurrentThreadId
SetHandleCount
GetModuleHandleW
CreateThread
FindClose
GetUserDefaultLCID
RaiseException
WaitForSingleObject
ReadFile
SetThreadLocale
GetStringTypeA
GetLocaleInfoA
GetCPInfo
GetModuleHandleA
GetCurrentProcessId
LoadLibraryA
MulDiv
MoveFileExA
ExitProcess
VirtualAlloc
GetLocalTime
GetOEMCP

Exports

Exports

tejoOkck@8
RVybblVy@12

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 512B - Virtual size: 298B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fb32985dcdd02ae092f2a4b6f0258ef

Headers

File Characteristics

Imports

user32

version

kernel32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 151KB

.edata Size: 145KB - Virtual size: 145KB

.idata Size: 2KB - Virtual size: 2KB

.bdata Size: 512B - Virtual size: 298B

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 151KB

.edata
Size: 145KB - Virtual size: 145KB

.idata
Size: 2KB - Virtual size: 2KB

.bdata
Size: 512B - Virtual size: 298B

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB