d9e4fddff2195f1b4f788e870cb1f302_JaffaCakes118

General

Target

d9e4fddff2195f1b4f788e870cb1f302_JaffaCakes118
Size

19KB
MD5

d9e4fddff2195f1b4f788e870cb1f302
SHA1

a186283c95e41f08e317c498ea6e05730a8c735e
SHA256

4026714bad29801126ccfe94fc50a69d84cde2a0048285ae4e8864d14b8b9f41
SHA512

6b5768c4b66cc9d5e3782034a03242c3619ff82f88a2762a9663d1470a42fccd4a7a7523a8e069ae2e7faf531a5cb5b34b813027841e686d976cee20c4d9490a
SSDEEP

192:E/3vbJzL7hvzJGUXR+J9p1Ypt6K5lkVhLj1FMylfwLv8yRgkey9:E/vbJzL7hvzJGZNSt6UYx3kJe4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9e4fddff2195f1b4f788e870cb1f302_JaffaCakes118

Files

d9e4fddff2195f1b4f788e870cb1f302_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2534fe87e00f2ea0043de636b4c30228

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

RegisterClassExW
CallWindowProcW
ReplyMessage
wsprintfA
IsClipboardFormatAvailable
CharLowerBuffA
AnimateWindow
TabbedTextOutA

kernel32

lstrlenA
lstrcatA
CloseHandle
CreateMutexA
ExitProcess
ExitThread
FlushViewOfFile
GetSystemTime
GetTickCount
LoadLibraryA
LoadLibraryExA
OpenMutexA
UnhandledExceptionFilter
RtlMoveMemory
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime

shell32

ExtractIconExA
DuplicateIcon

advapi32

GetFileSecurityA
GetSecurityInfo
GetMultipleTrusteeOperationA
GetMultipleTrusteeA
GetLengthSid

gdi32

GetROP2
GetSystemPaletteEntries
GetTextFaceA
GetPolyFillMode
StartPage
GetPixelFormat
GetPixel
GetPaletteEntries
GetPath
SetWindowOrgEx

ws2_32

setsockopt
socket
recv
connect

ntdll

RtlGetProcessHeaps
RtlGetAce
RtlFreeHandle
RtlFormatMessage
NtCreateTimer
NtCreateMutant
NtCreateDirectoryObject
NtCancelTimer
NtCancelIoFile
NtCallbackReturn

Exports

Exports

fxepxd

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2534fe87e00f2ea0043de636b4c30228

Headers

File Characteristics

Imports

user32

kernel32

shell32

advapi32

gdi32

ws2_32

ntdll

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 71KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 71KB

.reloc
Size: 1KB - Virtual size: 1KB