d6b319bd20e76ccb59985be2d050e7d2_JaffaCakes118

General

Target

d6b319bd20e76ccb59985be2d050e7d2_JaffaCakes118
Size

249KB
MD5

d6b319bd20e76ccb59985be2d050e7d2
SHA1

0c8fd219c35c8a1eb6e62d6ff6e8607f1bc95615
SHA256

c75bd98012ef317cf23e07ca6524b931cb6026ce7889b46ec5bb2b446e56003b
SHA512

f5b0042bb2da410a18d3a316d1e4a9c81ae03009161fdabcb7e84ffbac069bac56c17e2c54b1aed01a446c6bcce4a9f626faf00b44ee0a3b91fa33138511a172
SSDEEP

6144:P4bk2wwrJ+s81Y6hxRcePyI79MNhR57E+Dlm:P4bJl+X1Y6hxRfPyz97Eqm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6b319bd20e76ccb59985be2d050e7d2_JaffaCakes118

Files

d6b319bd20e76ccb59985be2d050e7d2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5222117ad3fc7b0478d3d6450fa611e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
ExitThread
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetModuleHandleA
GetStartupInfoA
GetStringTypeA
GetSystemTimeAsFileTime
GetTickCount
HeapSize
LoadLibraryA
LocalAlloc
QueryPerformanceCounter
SearchPathA
SetStdHandle
SetUnhandledExceptionFilter
VirtualAlloc
VirtualProtect
WriteConsoleA

msvcrt

strncat
atof
atoi
atol
fopen
wscanf
wcscpy
wcschr
swprintf
strncmp
strlen
strcpy
strcmp
sscanf
fwrite
fseek

user32

WindowFromPoint
GetWindowPlacement
GetSubMenu
GetMessageA

comctl32

CreateStatusWindowA
InitCommonControls

oleaut32

VarDecFromI1
VarDateFromI2
OleLoadPictureFile
VarWeekdayName
VarUI4FromDisp
VarUI2FromBool
VarI2FromDisp
VarDecDiv
SysAllocStringByteLen
SysReAllocString

ddraw

DirectDrawCreate
DDInternalUnlock
DirectDrawCreateClipper

Exports

Exports

B

Sections

.text
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5222117ad3fc7b0478d3d6450fa611e3

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

comctl32

oleaut32

ddraw

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 96KB

.rdata Size: 78KB - Virtual size: 80KB

.data Size: 48KB - Virtual size: 132KB

.rsrc Size: 27KB - Virtual size: 28KB

.text
Size: 94KB - Virtual size: 96KB

.rdata
Size: 78KB - Virtual size: 80KB

.data
Size: 48KB - Virtual size: 132KB

.rsrc
Size: 27KB - Virtual size: 28KB