cec89130fa8e66ff6c1b393c9386bdfa_JaffaCakes118

General

Target

cec89130fa8e66ff6c1b393c9386bdfa_JaffaCakes118
Size

201KB
MD5

cec89130fa8e66ff6c1b393c9386bdfa
SHA1

4f0ff5f525106a044a2b66698f257dacc5c5af79
SHA256

c06f26cd2bedec9b84592b42e1d626e5630307f669cc33704bd11c3fa5bd1de7
SHA512

ec451c2702d2d3b31490e4299d19a9328d8902ef03931a8a6ff5c47b8b1112820f7dcb2676e4bac39f75cf3d401c29a2d25e6433060d38c546abbbb52aa36a65
SSDEEP

3072:99sT9p6WVOakZC0t3haFd5GMw0Gzc37LnrbFNFyY+7k2DUPJI76nI4CGf:kzu3haVGtunXXF9iBUPI6nX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cec89130fa8e66ff6c1b393c9386bdfa_JaffaCakes118

Files

cec89130fa8e66ff6c1b393c9386bdfa_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f707c71974cadb6b0c718668b50e3089

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Y:\bfUl\eitalur\gTdMpHpM\zXvjPqm\OuDhq.pdb

Imports

user32

GetKeyState
MapVirtualKeyExA
DefDlgProcA
CreateWindowExA
CopyRect
InflateRect
GetCaretBlinkTime
CheckRadioButton
GetForegroundWindow
GetClientRect
MonitorFromRect
ClipCursor
mouse_event
LookupIconIdFromDirectory

shlwapi

PathRemoveArgsW
ChrCmpIW

gdi32

SetDIBits
GetTextFaceW
GetClipBox
StretchDIBits
EndPage
PatBlt
GetBkMode
CreateRectRgn

kernel32

OpenEventW
DeleteCriticalSection
lstrlenA
SetThreadExecutionState
UnmapViewOfFile
GetFileType
ConnectNamedPipe
CreateMailslotW
GlobalDeleteAtom
ReadFile
GetSystemDefaultUILanguage
FindFirstFileW

comdlg32

GetSaveFileNameW
GetSaveFileNameA
PageSetupDlgW

Exports

Exports

?oGCSqvkinyVsomwdc@@YGDPA_NPAH@Z
?hoReHNslCajhjlviwaj@@YGXPAKPAD@Z
?PxsbjUjoOq@@YGDFPAD@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 160KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f707c71974cadb6b0c718668b50e3089

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

gdi32

kernel32

comdlg32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 512B

CODE Size: 27KB - Virtual size: 26KB

DATA Size: 160KB - Virtual size: 240KB

.rdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.itext
Size: 512B - Virtual size: 512B

CODE
Size: 27KB - Virtual size: 26KB

DATA
Size: 160KB - Virtual size: 240KB

.rdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB