9b2c1ef3a18817334567c3f8be141465_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9b2c1ef3a18817334567c3f8be141465_JaffaCakes118
Size

364KB
MD5

9b2c1ef3a18817334567c3f8be141465
SHA1

1613227e69d9c78c71ed319c363ce1c88db23d7b
SHA256

41efad2b1fe957bd65504502205f7e0c0f37c9a9ebbfd523a5a7d15853cbfe23
SHA512

585db05bb770131168b842a97f17e0b6ea2ca7a309db33b10b817f56fa0e7cb867f70ac69e40a70349f57c334b436c8d093a2e93f85794b3c954548995389810
SSDEEP

6144:mm8HFmf2Ee5apzeJ4DSY7Dh6LUr+nxQNBO0fS:GjEuuDC1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
9b2c1ef3a18817334567c3f8be141465_JaffaCakes118

Files

9b2c1ef3a18817334567c3f8be141465_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6edb7b49e7ce8702a069ef7ebf257bdc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualProtect
GetCurrentThread
lstrcmpA

version

VerInstallFileA
VerFindFileA

comdlg32

GetSaveFileNameA
CommDlgExtendedError

advapi32

LsaEnumerateAccountsWithUserRight
SystemFunction020

gdi32

GdiConvertBitmapV5
GetGlyphOutlineA
SetDIBits

gdiplus

GdipShearMatrix
GdiplusStartup
GdipMeasureCharacterRanges

oleacc

WindowFromAccessibleObject

msimg32

AlphaBlend

oledlg

OleUIUpdateLinksW

shell32

Shell_MergeMenus
SHChangeNotifyDeregister

winspool.drv

PrinterMessageBoxW
ExtDeviceMode
SetPortW
GetPrintProcessorDirectoryA

shlwapi

PathRemoveBackslashA
SHDeleteKeyW

comctl32

CreatePropertySheetPageW
GetEffectiveClientRect

imagehlp

SymGetSymFromAddr
SymGetModuleInfoW64

oleaut32

VarBoolFromUI8

ole32

CoRevokeMallocSpy
CoCopyProxy
DllGetClassObject

user32

BroadcastSystemMessageExW

Exports

Exports

GetClass

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6edb7b49e7ce8702a069ef7ebf257bdc

Headers

File Characteristics

Imports

kernel32

version

comdlg32

advapi32

gdi32

gdiplus

oleacc

msimg32

oledlg

shell32

winspool.drv

shlwapi

comctl32

imagehlp

oleaut32

ole32

user32

Exports

Exports

Sections

.text Size: 197KB - Virtual size: 196KB

.edata Size: 512B - Virtual size: 112B

.data Size: 24KB - Virtual size: 4KB

.data Size: 49KB - Virtual size: 48KB

.rdatat Size: 2KB - Virtual size: 1KB

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: 197KB - Virtual size: 196KB

.edata
Size: 512B - Virtual size: 112B

.data
Size: 24KB - Virtual size: 4KB

.data
Size: 49KB - Virtual size: 48KB

.rdatat
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 69KB - Virtual size: 68KB