8cef7717ed7c2e8f8896f8617c7ef2cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8cef7717ed7c2e8f8896f8617c7ef2cc_JaffaCakes118
Size

121KB
MD5

8cef7717ed7c2e8f8896f8617c7ef2cc
SHA1

76ba2e11d5b1d58254145b65422aee428e39cae8
SHA256

53b04deb8c0a4cd575455585c2f3267ba2d0e04056554334c258c0e111f0b7ad
SHA512

c07b593dee39291fca298b4a48566ab622e093e066738d94544d2f5880326799bb903f60a53475b2566b1f228d187641b116d125c158e6ef1fc80946141260c7
SSDEEP

3072:/m0sTlxFq5IV6/DbPDCuROCQqhW5oh5MRaqxB3I31aEYID:O0qTFCIV6LCB+W545MRdYF1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cef7717ed7c2e8f8896f8617c7ef2cc_JaffaCakes118

Files

8cef7717ed7c2e8f8896f8617c7ef2cc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b0bdd20b568667aad82849166da9e683

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Z:\anifychrwndbunxwTbfJgb\mXvfkdcooVjwfhgrtNuAP\zmLnPYwtufyQMxHCbv\icQWfgyeYencsfQzh\oinmykuIievhJtnztkxRAm\coouqZheWdim\EWlkkNpJtehpxt\erwxofsdpfzzlioZ.pdb

Imports

user32

EnableMenuItem
AppendMenuA
GetSystemMetrics
PostQuitMessage
GetMenuItemCount
CharToOemW
CreateCaret
KillTimer
GetClipCursor
RegisterWindowMessageW
LoadCursorW
ChildWindowFromPointEx
InternalGetWindowText
CheckMenuItem
MapVirtualKeyA
OffsetRect
IsWindowEnabled
GetDoubleClickTime
InsertMenuItemW
ShowScrollBar
GetMenuState
GetIconInfo
MapDialogRect
GetMenuStringA
TrackPopupMenu
PeekMessageA
GetDlgItemTextA
GetMonitorInfoW

kernel32

FindResourceExW
TerminateThread
LoadLibraryA
GetThreadContext
QueryDosDeviceW
QueryPerformanceCounter
SetPriorityClass
MoveFileA
SetFilePointer
lstrcmpW
GetModuleHandleW
lstrcpyW
SetHandleCount
GetSystemDirectoryW
GetProcAddress
UnlockFile
DeleteAtom

gdi32

StartPage
GetPixel
SetPixel
GetNearestColor
AddFontResourceW
BitBlt
CreateDIBSection
CreateHatchBrush
CreateBitmapIndirect
LineDDA
DeleteObject
StartDocW
GetTextExtentPoint32A
GetObjectA

shell32

ord196
ord195

shlwapi

StrChrIW

Exports

Exports

AlphaBlend
?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0bdd20b568667aad82849166da9e683

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 27KB - Virtual size: 27KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 14KB - Virtual size: 150KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 27KB - Virtual size: 27KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 14KB - Virtual size: 150KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB