ad2fc5115e939347995554b533ea6a6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad2fc5115e939347995554b533ea6a6f_JaffaCakes118
Size

220KB
MD5

ad2fc5115e939347995554b533ea6a6f
SHA1

38f757e2a34aa758d75927d93b84f934801f80b0
SHA256

d72a170bfdac7c503a8459a3515ca5f8f3248af7a3497834cb2ef1025cc161e3
SHA512

6264ddf7538c81b29e2bc761c88045bc820b5a95d674537b38cf14fe6c827d2726af556b4cfebebf4a377ffaa91d83329d04cdf96e5c7f44025779f56e245874
SSDEEP

3072:7m8aEk+vr/8vpT6SAJ5HxLuFomqe64Cyr/8oqCOdk49w6MYs/2j5Ct0WVFOx8McP:7mLsvz4pThy47IoqCcRpsfO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad2fc5115e939347995554b533ea6a6f_JaffaCakes118

Files

ad2fc5115e939347995554b533ea6a6f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

cf0266a7fc5b4ae9cce4b2d452cce9af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

B:\xzXOzs\eahWrAP\SaCednbc.pdb

Imports

user32

CreateDialogParamW
PostMessageA
DrawAnimatedRects
ShowOwnedPopups
IsWindowUnicode
AttachThreadInput
HideCaret
GetDoubleClickTime
GetDlgItemTextA
IsCharLowerW
GetClassInfoW
SetParent

gdi32

Polygon
GetSystemPaletteEntries
ExtTextOutA
GetTextExtentExPointW
CreatePatternBrush
GetROP2

shlwapi

PathFindExtensionA

kernel32

GetFileInformationByHandle
ReleaseMutex
GetSystemWindowsDirectoryW
lstrcatA
GetVersionExA
GetCurrentProcessId
CreateSemaphoreW
FormatMessageA

Exports

Exports

?n__k__ay@@YGHPAMG@Z
?MJMFlsuy_rm_xforh_y_@@YGH_NI@Z
?KNLHkc___BREsFZP_@@YGEF@Z
?_tcqh_cfh@@YGME_N@Z
?zf_qq_jmtfkw@@YGNE@Z
?_Okjk_bwYIJEWOFHC__F@@YGI_N@Z
?bs_Thatxg@@YGMM@Z

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA1
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA2
Size: 76KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf0266a7fc5b4ae9cce4b2d452cce9af

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 512B - Virtual size: 187B

.data Size: 2KB - Virtual size: 2KB

DATA1 Size: 33KB - Virtual size: 33KB

DATA2 Size: 76KB - Virtual size: 240KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 512B - Virtual size: 187B

.data
Size: 2KB - Virtual size: 2KB

DATA1
Size: 33KB - Virtual size: 33KB

DATA2
Size: 76KB - Virtual size: 240KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB