b4cf6e5b9d514f874c79ebb84b107d8a_JaffaCakes118

General

Target

b4cf6e5b9d514f874c79ebb84b107d8a_JaffaCakes118
Size

152KB
MD5

b4cf6e5b9d514f874c79ebb84b107d8a
SHA1

822760a30f2a85559226774c2d12bc01c03eca8b
SHA256

982fb703fdf69cce55afd0ca09e137c75a7d2e9cb4f4618c5ab2affad69e3264
SHA512

abcd923aa972dd72f054b8ff4970e353aa6fee79b7ceeeffa07865dd4a0cd0001616462c25b0db79116c044764c2db24e26ab9b1100467790eb59752e6e18ec7
SSDEEP

3072:RD396xhMaKzde+WYHN7bIBV7WBUEd7CfzZxUFU:dEMaK5e+Wa7bIBVaBUk2ZxU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4cf6e5b9d514f874c79ebb84b107d8a_JaffaCakes118

Files

b4cf6e5b9d514f874c79ebb84b107d8a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a229e4561697dcac8b31cc6789582640

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
CommDlgExtendedError

kernel32

GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcess
GetConsoleKeyboardLayoutNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetExitCodeProcess
FindFirstFileW
CopyFileW
FindNextFileW
SetFileAttributesW
MoveFileW
FindClose
SetLastError
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW
CreateThread
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
ResetEvent
SetEvent
GetFileAttributesExW
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
CloseHandle
WaitForSingleObject
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime
TerminateProcess
DeleteFileW
RemoveDirectoryW
SetEnvironmentVariableW
DisableThreadLibraryCalls
DebugBreak
InitializeCriticalSectionAndSpinCount

oleaut32

DispGetIDsOfNames
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 101KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a229e4561697dcac8b31cc6789582640

Headers

File Characteristics

Imports

comdlg32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 113KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 47KB - Virtual size: 46KB

.reloc Size: 512B - Virtual size: 352B

.text
Size: 101KB - Virtual size: 113KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 47KB - Virtual size: 46KB

.reloc
Size: 512B - Virtual size: 352B