def615dedbca16ebd1ac68a8a970be80_JaffaCakes118

General

Target

def615dedbca16ebd1ac68a8a970be80_JaffaCakes118
Size

10KB
MD5

def615dedbca16ebd1ac68a8a970be80
SHA1

9200d97c0101ca5a8e07f2362c84c701a5ff9c11
SHA256

2acce0dfa77d021f14902af047392a061da1de9b2f7393d5ff41fbf3942360b2
SHA512

cd44e56ab319a050499eb1ca3f4ff6e5c863fbdf5f779ca3fdba98a1452b4759bcbfbf8e2310b6a36825d4f834f4e1b622a4522111916877d9813b472c91f24e
SSDEEP

192:lWVtIjX2WygI8gfS3Pi+GmClUwVs5fBOj4ZDUEGeh9fNoOkWtRW7W:NXkR+3bGDUwWTu4ZDeeh/ozWtRW7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
def615dedbca16ebd1ac68a8a970be80_JaffaCakes118

Files

def615dedbca16ebd1ac68a8a970be80_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1df0f46ce96b1d89d4ef89833d1fb9c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

BackupWrite
BuildCommDCBA
CompareFileTime
CreateDirectoryW
EnumDateFormatsA
ExitProcess
GetCurrentThread
GetFileAttributesExW
GetShortPathNameA
GetStartupInfoA
GetTempFileNameA
GetVolumeInformationW
LocalCompact
OpenFile
PostQueuedCompletionStatus
SetCommBreak
SetFileTime
SuspendThread
WritePrivateProfileSectionA
WritePrivateProfileSectionW
lstrlenW

user32

ActivateKeyboardLayout
ChangeDisplaySettingsExA
CharNextExA
CharNextW
CharPrevA
CreateWindowStationW
DlgDirListW
DrawTextW
EnumPropsA
FlashWindow
GetCursorPos
GetDlgItemTextA
GetMenuInfo
GetMenuItemInfoA
GetSystemMetrics
GetUserObjectInformationA
GetWindow
LoadCursorFromFileA
MessageBoxA
MonitorFromRect
RegisterLogonProcess
SetForegroundWindow
ToUnicode
UnionRect
VkKeyScanA

gdi32

CreateDIBPatternBrush
CreateDIBitmap
CreateSolidBrush
EqualRgn
ExtFloodFill
GetCharWidthW
GetDCOrgEx
GetDIBits
GetGlyphOutline
GetKerningPairs
GetLayout
GetObjectA
GetObjectType
GetObjectW
PolyPolygon
SetDIBits
SetPolyFillMode
SetRectRgn
StartDocA
StartDocW

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1df0f46ce96b1d89d4ef89833d1fb9c8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 7KB - Virtual size: 28KB

.rdata Size: - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 8KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 7KB - Virtual size: 28KB

.rdata
Size: - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 8KB