c076e793f6ad3567d0d05414eb5c63cf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c076e793f6ad3567d0d05414eb5c63cf_JaffaCakes118
Size

173KB
MD5

c076e793f6ad3567d0d05414eb5c63cf
SHA1

c793d207fd9ae875a9c97e3242c6cfcea487570a
SHA256

80de45aa49051c6182a8947c7235279aa978f58f75ccd62a5a27b7cfb9e4b7f9
SHA512

8a89e584bf3da73d3f6b53da49f12e4c1cbb63600e85e61262d10375e14d9a8dcd6c62724e41585ed024dca184f3397cc0229085038d3694561d5bdede0352f1
SSDEEP

3072:giuRTuE2/6gZS7Od6b9sGviRMSdTYCpnRB4QEm2awNNiktKMZwqjkgUeMJ:gMEs6gc6d4vijdcCpnRH7Xw6Pm4gU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c076e793f6ad3567d0d05414eb5c63cf_JaffaCakes118

Files

c076e793f6ad3567d0d05414eb5c63cf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4b2df1d9b46b9a888a01877461ab5105

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
IsBadHugeReadPtr
FindClose
HeapDestroy
VirtualFree
MulDiv
ResetEvent
lstrlenA
SetThreadLocale
GetModuleHandleW
InitializeCriticalSection
lstrlenW
SetErrorMode
LoadLibraryA
ExitProcess
lstrcmpiA
GetDateFormatA
lstrcpynA
IsBadReadPtr
DeleteFileA
SetEndOfFile
LocalFree
CompareStringA
HeapAlloc
GetProcAddress
SizeofResource
GetVersion
LoadLibraryExA
VirtualAlloc
ReadFile
GetDiskFreeSpaceA
lstrcpyA
GlobalDeleteAtom
GetStdHandle
ExitThread
GetStringTypeW
GetThreadLocale
GetModuleHandleA
GetSystemDefaultLangID
GetStartupInfoA
GetFullPathNameA
WideCharToMultiByte
MoveFileA
GetCommandLineW
GetCPInfo
SetHandleCount
LoadResource
HeapFree
lstrcmpA
GetModuleFileNameA
GetTickCount
RaiseException
LocalReAlloc
FormatMessageA
SetFilePointer
CloseHandle
GetVersionExA
GetLocalTime
GlobalFindAtomA
VirtualQuery
CreateFileA
GetACP
lstrcatA
SetEvent
FreeResource

gdi32

CreateDIBitmap
CreatePalette
GetObjectA
CreateDIBSection
GetTextAlign
GetBkMode
GetPixel

oleaut32

SafeArrayCreate
RegisterTypeLib
SysFreeString
GetErrorInfo
SafeArrayGetElement

user32

GetScrollRange
DeleteMenu
GetMenu
MessageBoxA
CallWindowProcA
UnhookWindowsHookEx
DrawIconEx
KillTimer
GetParent
CreateWindowExA
DrawMenuBar
RemovePropA
GetMenuItemID
CreatePopupMenu
DestroyWindow
IsZoomed
SetParent
ShowWindow
ReleaseCapture
SetClassLongA
DispatchMessageW
GetCursor
DrawIcon
RedrawWindow
SetWindowTextA
MapWindowPoints
EnableWindow
CheckMenuItem
BeginPaint
GetSysColor
SetCursor
CreateMenu
DestroyIcon
IsWindowUnicode
LoadIconA
ReleaseDC
CharLowerBuffA
DispatchMessageA
GetKeyboardLayout
PtInRect
GetPropA
GetDesktopWindow
TranslateMessage
GetKeyboardType
CharNextW
IsWindowEnabled
SetWindowLongA
GetMenuItemInfoA
GetWindowTextLengthA
GetDC
WindowFromPoint
EnableMenuItem
LoadStringA
GetWindow
WaitMessage
GetKeyboardLayoutNameA
GetWindowLongW
GetClientRect
GetKeyboardLayoutList
LoadKeyboardLayoutA
LoadBitmapA
DrawAnimatedRects

Exports

Exports

03DUZTI@4

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b2df1d9b46b9a888a01877461ab5105

Headers

File Characteristics

Imports

kernel32

gdi32

oleaut32

user32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 147KB - Virtual size: 303KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 147KB - Virtual size: 303KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB