bb02bf7afa36345adbd208da04fb2cbe_JaffaCakes118

General

Target

bb02bf7afa36345adbd208da04fb2cbe_JaffaCakes118
Size

166KB
MD5

bb02bf7afa36345adbd208da04fb2cbe
SHA1

987a8d47ea4314a4193ca01f59d00cc065b790ce
SHA256

1971c295907b845c4e65be239df1a944c17254df1d12b2af45ec01429a9261c6
SHA512

dd5a9f91d3eb95da9bf29840b751f4ea328ab7e4a0ef8eb81df113b2e13025b902ef48bf2ba4937ca4e6594798d873105232cfaaeca9976697015cd6c8050568
SSDEEP

3072:/sR7AsLYoHXxFK4DrQS0w0PofmuilyW+78yX0querR8pqjO9PhvKTkpH5qT9Hwk2:/snh3L0w3+hrs8pGcPJUkg1wkv0A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb02bf7afa36345adbd208da04fb2cbe_JaffaCakes118

Files

bb02bf7afa36345adbd208da04fb2cbe_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7b32c859058bb84c9a2a6c5284b98d66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DuplicateHandle
ExitProcess
FileTimeToSystemTime
FindResourceA
FreeEnvironmentStringsW
GetACP
GetCommandLineA
GetCurrentProcessId
GetCurrentThread
GetExitCodeThread
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GetVersion
HeapAlloc
HeapCreate
HeapReAlloc
IsBadReadPtr
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
lstrcpynA

msvcrt

exit
__p__commode
__set_app_type
isdigit
realloc
__getmainargs

user32

BeginDeferWindowPos
GetSubMenu
GetUserObjectSecurity
PostQuitMessage
SetClassLongA
SetClipboardData
ClientToScreen
EnumChildWindows

oleaut32

VarBstrCmp
VarBstrCat
SysStringLen
SysFreeString
SetErrorInfo
SafeArrayCreate
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayAccessData
RevokeActiveObject
OleTranslateColor
OleLoadPicturePath
OleLoadPicture
OleIconToCursor
GetErrorInfo

Exports

Exports

GetFrameBufferPtr
StartStreaming
TextOutWCP_ME

Sections

.text
Size: 87KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b32c859058bb84c9a2a6c5284b98d66

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 184KB

.data Size: 77KB - Virtual size: 80KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 184KB

.data
Size: 77KB - Virtual size: 80KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB