b4767b437c023135459b44a67eea876b_JaffaCakes118

General

Target

b4767b437c023135459b44a67eea876b_JaffaCakes118
Size

171KB
MD5

b4767b437c023135459b44a67eea876b
SHA1

f1f7e5c97818716dd99917f2451b1474180c8ef8
SHA256

0546bbd30564d734f2880735d5918a3cafb8d2c7fe69feffc52b2adcfd66dfeb
SHA512

227257e46935322fa196664a1b3c0ecd8f9cbf536a3376f881a89011c092c78cf2ce010eb54c1a2a6d96c971ecafbd4254fe1daf3d0ff43ba78a50ff9cc05ad4
SSDEEP

3072:jI1p+6kxgtvsy5zCgqbMnwAyzvZIlMkJAm1pMsOYLKP:j6kKtky5zlqon/4vaPks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4767b437c023135459b44a67eea876b_JaffaCakes118

Files

b4767b437c023135459b44a67eea876b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1eb23579c6f4c8117bd5f7cf90d0f1ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FindClose
FindResourceA
GetACP
GetCommandLineA
GetConsoleMode
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
MapViewOfFile
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrlenA

msvcrt

realloc
wcscat
wcslen
vswprintf

user32

GetPropA
GetParent
IsDlgButtonChecked
DrawIconEx
DestroyWindow
CreateWindowExA
PostQuitMessage
SetScrollInfo
SetWindowPlacement
FillRect
DrawMenuBar

oleaut32

OleIconToCursor
GetErrorInfo
ClearCustData
OleLoadPicturePath
OleTranslateColor
SafeArrayAccessData
SafeArrayAllocDescriptor
SafeArrayCreate
SysFreeString
SysStringLen

shlwapi

ChrCmpIA
PathCombineA
PathFileExistsA
PathFindOnPathA
PathGetDriveNumberA
SHDeleteEmptyKeyA
SHDeleteValueA
SHOpenRegStreamA

Exports

Exports

GetSimpleTableDispenser
UninitializeStreaming
W32N_GetLastError

Sections

.text
Size: 103KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1eb23579c6f4c8117bd5f7cf90d0f1ae

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 180KB

.data Size: 65KB - Virtual size: 68KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 103KB - Virtual size: 180KB

.data
Size: 65KB - Virtual size: 68KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB