af97150126c4cf16578e54ee8e08afc5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

af97150126c4cf16578e54ee8e08afc5_JaffaCakes118
Size

114KB
MD5

af97150126c4cf16578e54ee8e08afc5
SHA1

4b9e9ef6987cc4dbb726af5bfc2eb12661796fed
SHA256

d2e919fd9351d9359385b94d1dadecf51e0a96342d0a418d66717388e4be3ac1
SHA512

69e73ad031f70071f5c199196847bfdffd1538f136981ee3e5a712686e7355d97d565b86d0b3e7368e49d971bd077bc0f5e20d3a79985d0c16680a0ad012d192
SSDEEP

1536:TIJX4+32lcQ45PnsTKGYpYyWmlFWOOu8Le2NQJyw3QkStAQOhc9sAoUAAAbdRjHF:0JX4+Eh/KrYyflFWfQggcS2pou2dxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af97150126c4cf16578e54ee8e08afc5_JaffaCakes118

Files

af97150126c4cf16578e54ee8e08afc5_JaffaCakes118
.dll windows:5 windows x86 arch:x86

0309d8dcc5b5b939929ce1cc1fdda4dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\nphipd\xgsU\mpjlAjmr.pdb

Imports

comctl32

PropertySheetA
ImageList_GetIcon
CreatePropertySheetPageW
CreatePropertySheetPageA
ImageList_GetImageCount

gdi32

SaveDC
GetTextExtentExPointW
GetViewportOrgEx
SetViewportOrgEx
GetROP2
GetTextCharsetInfo
Rectangle
GetObjectW
GetTextExtentPointW
CreateRectRgnIndirect
GetLayout
GetSystemPaletteUse
GetCurrentObject
SetDIBits

comdlg32

GetOpenFileNameA
CommDlgExtendedError
PageSetupDlgW

kernel32

lstrcpyW
GlobalHandle
ExitThread
HeapSize
LocalSize
SetSystemTimeAdjustment
ConvertDefaultLocale
CopyFileW
GetACP
DeleteFileW
SuspendThread
GetFullPathNameW
GetPriorityClass
LockResource
SetCommState
MoveFileExW

user32

SetDlgItemTextA
DrawTextExW
OpenIcon
GetCursor
ChildWindowFromPoint
RegisterClassA
EnableScrollBar
IsWindow
SetWindowTextW
MessageBoxExW
SendMessageW
GetCapture
CallWindowProcA
FillRect
ScrollWindowEx
CharLowerBuffW
DestroyAcceleratorTable
MessageBoxExA
CharToOemBuffA
LoadStringW
GetParent
GetMenu
InvalidateRect
ReplyMessage
DestroyCaret
RedrawWindow
SetFocus
RegisterWindowMessageA
CreateIconFromResource
ChangeMenuW
TranslateAcceleratorA
IsDialogMessageA
SystemParametersInfoA
CreateCaret

Exports

Exports

?_CreateDesktopA@@YGXEHPAD@Z

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0309d8dcc5b5b939929ce1cc1fdda4dc

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

comdlg32

kernel32

user32

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: - Virtual size: 132KB

.data Size: 23KB - Virtual size: 22KB

.pdata Size: 18KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: - Virtual size: 132KB

.data
Size: 23KB - Virtual size: 22KB

.pdata
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB