ac7bb3a3fd1c5d367ba7698bff6bd9bd_JaffaCakes118

General

Target

ac7bb3a3fd1c5d367ba7698bff6bd9bd_JaffaCakes118
Size

168KB
MD5

ac7bb3a3fd1c5d367ba7698bff6bd9bd
SHA1

656871620579aeca25b2206ee12932b443ff2547
SHA256

400a613e8a7cc886d2d7f16bc5a3060871de63cfdc083c0f71f66f9b18a4aa43
SHA512

a1b9a0682dd821f57ea2555dad624a5f1addab48cb067b2fb74f6862825bf0c2f622f473a6b80ab51e409838ae83a8cce00890a5bb121b3f9c62075679b224e0
SSDEEP

3072:y6FJRlsnlB5/aP7U0rLPB79RUF0h/CKVtxxLvzLrs96kT3xqczxm8B:DUaTUY79nhCErvbs9RzxFlmw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac7bb3a3fd1c5d367ba7698bff6bd9bd_JaffaCakes118

Files

ac7bb3a3fd1c5d367ba7698bff6bd9bd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

kdfAutoStart
kdfAutoStartClean
kdfAutoStartCleanB
kdfAutoStartCleanD
kdfAutoStartV
kdfCkeckKeylogger
kdfExProtect
kdfGetVersion
kdfSelfCheckIntegrity
kdfSetImageDir
kdfWebBrowserContextMenu
kdfWebBrowserHandleAdd
kdfWebBrowserHandleRemove

Sections

.text
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

im.fx4fp
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g7tvv15g
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ilkse2od
Size: 511KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t4twfb.7
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 72KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 944KB

im.fx4fp Size: - Virtual size: 12KB

g7tvv15g Size: - Virtual size: 60KB

ilkse2od Size: 511KB - Virtual size: 512KB

t4twfb.7 Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 72KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 944KB

im.fx4fp
Size: - Virtual size: 12KB

g7tvv15g
Size: - Virtual size: 60KB

ilkse2od
Size: 511KB - Virtual size: 512KB

t4twfb.7
Size: 4KB - Virtual size: 4KB