b7d870dc39fce6261393e3a65049e77e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7d870dc39fce6261393e3a65049e77e_JaffaCakes118
Size

45KB
MD5

b7d870dc39fce6261393e3a65049e77e
SHA1

57cad7af21f7aa87035aff04e0866eb5c0a32730
SHA256

5f84ec0a593eba4cec075b6acc4e548cd467a42fe7b894be0e21d4f71222280c
SHA512

70daa8b0b034686659c02440ad20291e28e20313b6c869370cb3a08ed17217fa7586de0ddf0f2069e3321c7ba73c31d4ccb62a0d2981d70a27cc79bbcb67b2f9
SSDEEP

768:Vm5ZF3Vu1uN2MBtyMUJo9RTMGELug6rU5bmafiWsKp0MpLR2ifzp0DU:VS7F9N2WnUJoXDr0yaixKyMpLRVp6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7d870dc39fce6261393e3a65049e77e_JaffaCakes118

Files

b7d870dc39fce6261393e3a65049e77e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6bfc0b3035302c6b5cd3d2586e50e94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogW
VirtualProtect
CreateFileA
GlobalAddAtomA
IsBadStringPtrW
SetProcessPriorityBoost
FatalExit
SetDefaultCommConfigA
SetConsoleCP
LoadModule
CreateMutexA
EnumResourceNamesW
GetLastError

user32

DdeCreateStringHandleA
CheckMenuRadioItem
GetSysColor
EnumDesktopsA
MapVirtualKeyA
WINNLSEnableIME
GetTabbedTextExtentW
PeekMessageA
CharToOemA
GetWindowLongA
GetMenuItemID
GetClipboardViewer
SendNotifyMessageW
GetCaretBlinkTime
EnumDisplaySettingsA
IsWindowEnabled
FrameRect
TrackPopupMenuEx
GetWindowTextLengthW
DdeAddData
CallMsgFilterW
DdeCreateDataHandle
DestroyMenu
SendMessageW
DrawAnimatedRects
DrawStateA
MonitorFromPoint
CreateDialogIndirectParamA
MB_GetString
SetShellWindow
GetPriorityClipboardFormat
FindWindowW
DrawTextA
SetProcessDefaultLayout
DdeInitializeA
ArrangeIconicWindows
RealGetWindowClass

gdi32

GetDeviceCaps
GetRasterizerCaps
GdiEntry8
SetStretchBltMode
SetDIBitsToDevice
AddFontResourceW
GdiEntry2
GetAspectRatioFilterEx
PolyBezier
GdiInitSpool
CreateFontIndirectExW
GdiConvertFont
GdiEntry14
EngStretchBltROP
ModifyWorldTransform
WidenPath
UpdateColors
GetFontLanguageInfo
GdiFlush
GdiEntry5
GetTextCharset
RemoveFontMemResourceEx
EngMarkBandingSurface
GetOutlineTextMetricsA
GetSystemPaletteUse
EngUnlockSurface
EnumICMProfilesA
InvertRgn
GetMiterLimit
SelectPalette
PolyPatBlt
PtVisible
GetMetaFileBitsEx
GetKerningPairsW
GetCharWidthFloatA

comdlg32

FindTextA
ReplaceTextA
GetOpenFileNameA
Ssync_ANSI_UNICODE_Struct_For_WOW
PrintDlgA
PageSetupDlgW
PrintDlgExW
PrintDlgW
GetSaveFileNameW
ChooseFontA
FindTextW
GetFileTitleW
GetFileTitleA
ChooseFontW

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6bfc0b3035302c6b5cd3d2586e50e94

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 37KB - Virtual size: 40KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 37KB - Virtual size: 40KB

.idata
Size: 3KB - Virtual size: 4KB