ef077799fffcc33bb3b45ecbddb1a764_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef077799fffcc33bb3b45ecbddb1a764_JaffaCakes118
Size

80KB
MD5

ef077799fffcc33bb3b45ecbddb1a764
SHA1

1c61bf777f418c547fce3a5bad63ad6afb8fdfc2
SHA256

78d6fc101b8718cc71900e7a1d992cd538a1c7eaa0038221359e525e5171c3a6
SHA512

a31bb6f3836c26905417c2d5ca7329f714ee4ca45f31e45767436775f0330f3d7820b4aa0f5b26d5f2ee7c53c595eb46063e7b02c753bf2f91608650f84c4031
SSDEEP

1536:cOmZbcewGa5V/SEeIdXRZ2vpUyXXO/5My8zeOD6Ec0:cOmZwl5gEeIdhmmynOmzxD6Ec

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef077799fffcc33bb3b45ecbddb1a764_JaffaCakes118

Files

ef077799fffcc33bb3b45ecbddb1a764_JaffaCakes118
.dll windows:4 windows x86 arch:x86

66ef75002e42ea1119621a754ec934c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
HeapAlloc
VirtualQuery
InterlockedIncrement
ExitProcess
CopyFileA
GetProcAddress
Sleep
CreateFileMappingA
LocalFree
UnmapViewOfFile
GetSystemDirectoryA
SetLastError
CloseHandle
lstrlenA
GetLogicalDriveStringsA
CreateMailslotW
IsBadCodePtr
GetTempPathA
ResetEvent
CreateMutexW
ReadConsoleA
CreateNamedPipeW
GetSystemTimeAdjustment
GetCommandLineW
SetWaitableTimer
GetEnvironmentStringsW
ReadFileEx
CreateJobObjectW
SetupComm
HeapCompact
GlobalFindAtomW
SizeofResource
GetLongPathNameW
SetNamedPipeHandleState
GetVersion
LockFile
MoveFileW
OpenSemaphoreA
ReadFile
GetThreadPriority
SetHandleCount
ChangeTimerQueueTimer
SetCommTimeouts
SetConsoleWindowInfo
SetMailslotInfo
LCMapStringA
GetDiskFreeSpaceW
WriteConsoleW
GetLogicalDriveStringsW
CreateHardLinkW
FindResourceA
lstrcmpW
FindResourceExA
FindClose

ole32

OleLoadFromStream
CoCreateFreeThreadedMarshaler
CreateFileMoniker
PropVariantClear
OleInitialize
OleDraw
StringFromIID
OleCreateFromFile
CoLockObjectExternal
CoMarshalInterface
GetHGlobalFromStream
CoInitializeEx
IIDFromString
StringFromGUID2
CoUninitialize

user32

BeginDeferWindowPos
AllowSetForegroundWindow
ReleaseDC
IntersectRect
DestroyAcceleratorTable
DrawAnimatedRects
GetWindowWord
GetNextDlgGroupItem
EnableMenuItem
DeleteMenu
CreateIconIndirect
SetSysColors
LoadImageA
DefMDIChildProcW
CopyRect
KillTimer
GetClassNameA
SetTimer
FindWindowExW
GetScrollBarInfo
FlashWindow
SendNotifyMessageW
GetWindowRgn
FillRect
UnionRect
RemovePropA
CreateAcceleratorTableA
GetTopWindow
GetPropA
SetMessageQueue
OpenInputDesktop
SendMessageTimeoutW
GetDlgItemInt
SetParent
GetComboBoxInfo
GetWindowTextLengthW
SetWindowLongA
DrawTextA
SwitchToThisWindow
GetInputState

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66ef75002e42ea1119621a754ec934c7

Headers

File Characteristics

Imports

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB