dfe9b9a85bb8399d0eaec1ff6546225f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dfe9b9a85bb8399d0eaec1ff6546225f_JaffaCakes118
Size

108KB
MD5

dfe9b9a85bb8399d0eaec1ff6546225f
SHA1

303f777e11b2b0d737276ee7c3396c62f453e139
SHA256

dba5d0e8daa2721ce34108ab5f927406ae022692bccfae52bbcac014d39b17c6
SHA512

f10cb48c140becb6a32c14d377feeca35dbe2bb280b5af4322d4c727b8241592572dda14b6f9e2961d289c17e0712ab1c2df86d7864bdcdabff604bd52370b1e
SSDEEP

3072:XnZQTSlhyxjKiLR91m5HQxDPlaDM1gqE4xBovl4:3eTJ31MwxDPlIMhL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfe9b9a85bb8399d0eaec1ff6546225f_JaffaCakes118

Files

dfe9b9a85bb8399d0eaec1ff6546225f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a84be925d518d1cd786754081ff090ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
LoadLibraryA
GetACP
TlsFree
TlsGetValue
TlsSetValue
FreeLibrary
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersionExA
WideCharToMultiByte
LocalFree
LocalAlloc
LoadLibraryW
GetDriveTypeW
lstrlenW
GetCurrentProcess
GetProcAddress
Sleep
InterlockedCompareExchange
InterlockedExchange
GetModuleFileNameA
MultiByteToWideChar
ReadFile
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
HeapReAlloc
VirtualAlloc
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetStringTypeW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
CloseHandle
GetVersionExW
VirtualProtect
GetCommandLineA
RtlUnwind
GetVersion
ExitProcess
GetModuleHandleA

user32

GetDlgItem
GetCursorPos
DestroyWindow
GetSystemMetrics
EnableWindow
IsDlgButtonChecked
CheckDlgButton
SetDlgItemInt
SetFocus
SetWindowTextA
ScreenToClient
GetWindow
GetClientRect
GetTopWindow
GetDesktopWindow
GetWindowLongA
SendMessageA
SetDlgItemTextA
DestroyIcon
GetParent
EndDialog
GetFocus
ShowWindow

advapi32

RegCloseKey

gdi32

DeleteObject
GetStockObject

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a84be925d518d1cd786754081ff090ca

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB