ce390f7e33f36c213f62a1d49fc69674_JaffaCakes118

General

Target

ce390f7e33f36c213f62a1d49fc69674_JaffaCakes118
Size

40KB
MD5

ce390f7e33f36c213f62a1d49fc69674
SHA1

11d61892c14e02bcb542a7ae2451602bba74c609
SHA256

93df8ae01f7087eb73bc23ea3e9f959daa4e283853f0f449cdbadfeb1edb2458
SHA512

220f8e0de0cdc1fe0b38335b8ec97e243abd6597aa0cbb71b629a1fa7813e1d33c3c6b6efacf29d5ac4bc52a97c02b4587fbe4effd00ed62ed117c8dd171144f
SSDEEP

768:xB4rtxa2LtECRCJRKUSu31ZC5ESXaK+vV8kQVfyXi9iwy0NUg0Aqf0f:xIxa2LtEnRFZC5hWQKi9immgV0Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce390f7e33f36c213f62a1d49fc69674_JaffaCakes118

Files

ce390f7e33f36c213f62a1d49fc69674_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

DLL_GetProjectVersion
EnableAltInterception
EnableDiaryTracking
EnableNTInvisible
EnablePreHandle
EnableSpecialKeysLogging
SetHook
UploadLogs

Sections

.text
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0d472xjr
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

v7pvn7fw
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qm8ztkrj
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8bhos79d
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: - Virtual size: 4KB

.shared Size: 512B - Virtual size: 4KB

0d472xjr Size: - Virtual size: 4KB

v7pvn7fw Size: - Virtual size: 20KB

qm8ztkrj Size: 31KB - Virtual size: 32KB

8bhos79d Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: - Virtual size: 4KB

.shared
Size: 512B - Virtual size: 4KB

0d472xjr
Size: - Virtual size: 4KB

v7pvn7fw
Size: - Virtual size: 20KB

qm8ztkrj
Size: 31KB - Virtual size: 32KB

8bhos79d
Size: 4KB - Virtual size: 4KB