ea42d75c184d6a37685edfeda3de7cf4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ea42d75c184d6a37685edfeda3de7cf4_JaffaCakes118
Size

123KB
MD5

ea42d75c184d6a37685edfeda3de7cf4
SHA1

741482f31f52aae83ab7ae605206a305acce11e0
SHA256

1c0f3ca494812bbcf214d50809b82d2f5eab91222c09abbfb1841b630f9e63e4
SHA512

59aab2269f13894df2e6ec1e807fb6a7afa897697ecaa79d3cfb324422f0d4f0109f11a05f7fc93d9a8e68f1c8e3612ab7b64f1e533172711f01b98bbb9561ed
SSDEEP

3072:oTNtqkdjiyRJ8LY9mNWGSFJKUSz+zE2lcL5WcVQ03I3znS7:opTuyRqLY9RJKpOcXu0Ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea42d75c184d6a37685edfeda3de7cf4_JaffaCakes118

Files

ea42d75c184d6a37685edfeda3de7cf4_JaffaCakes118
.dll windows:5 windows x86 arch:x86

950fa5f68de63c98356bfeedadae7b0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\qYwLzvulVsDosYTf\caYjswngAkJmSSlC\twsLlkumezhHBwsuwpsRa\kzreRVJUegrqccwfyzcF\ypkbGpvGhOEhsezQh\KoyyQdmhSlIaeFT.pdb

Imports

comctl32

CreateToolbarEx
PropertySheetW
ImageList_Create

user32

IsMenu
GetMessageExtraInfo
SetWindowLongA
GetNextDlgTabItem
InternalGetWindowText
DestroyCaret
RedrawWindow
CharNextA
LoadCursorW
LookupIconIdFromDirectory
BeginPaint
GetUpdateRect
GetNextDlgGroupItem
GetMenuItemCount
DrawTextExW
EnableWindow
GetDlgItemInt
GetAsyncKeyState
IntersectRect
BringWindowToTop
IsWindowVisible
OpenDesktopW
GetFocus
CopyRect
GetClassInfoExA
GetDoubleClickTime
GetUserObjectInformationA
GetMessageA

shell32

ord195
ord196

comdlg32

GetFileTitleW
ReplaceTextW

shlwapi

StrChrIW

gdi32

OffsetRgn
SelectPalette
FillRgn
CreateBrushIndirect
RectInRegion
ExtTextOutA
PolyBezier
Ellipse
GetDIBits
GetDIBColorTable
LineTo
CreateCompatibleBitmap

kernel32

SetCurrentDirectoryA
FindResourceExW
ConvertDefaultLocale
LocalUnlock
GetFileTime
CreateNamedPipeA
lstrcpyW
GetModuleHandleW
lstrcmpiA
CreateWaitableTimerA
GlobalFindAtomW
GetStartupInfoW
CompareStringW
GetLocaleInfoA
GetCurrentDirectoryW
AddAtomW

Exports

Exports

AlphaBlend
?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

950fa5f68de63c98356bfeedadae7b0d

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

shell32

comdlg32

shlwapi

gdi32

kernel32

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 28KB - Virtual size: 28KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 15KB - Virtual size: 154KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 28KB - Virtual size: 28KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 15KB - Virtual size: 154KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB