ef385fee6247d9d40d9fbc9ae49887fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef385fee6247d9d40d9fbc9ae49887fb_JaffaCakes118
Size

108KB
MD5

ef385fee6247d9d40d9fbc9ae49887fb
SHA1

8cc669af574132c7c3496a455a3a5c6d9836057b
SHA256

1aa4c713c49344713d37f0629058617db00ac1053e919848db6d7b5ef417fa99
SHA512

a7030ac87a69234f6e62ca8ed94e10cb34afca8e44c7b392b3369791eac88000401d9b1aca92659354d4d169ee0612ddbb50a26d8208a948be4df36e2a1aa024
SSDEEP

1536:oW9YeyIHW8DIeKXYU4lBSLf8Hw0MeE6knxNqQ57rEZu2Cpn+xAOYOAUEFYa6OS6K:TYeNaeWaq0oeEVqO7EqciOY7d/SnEg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef385fee6247d9d40d9fbc9ae49887fb_JaffaCakes118

Files

ef385fee6247d9d40d9fbc9ae49887fb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2eebaa6ca897d8223be7e175d3439b32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Q:\GoXr\mhmgx\djfo\diyQ\qrVdlPcm.pdb

Imports

kernel32

SetCommState
GetProcAddress
EnumSystemLocalesA
ConvertDefaultLocale
lstrcmpA
lstrcpyA
lstrlenA
LoadLibraryW
lstrcmpiW
lstrcpynW
EnterCriticalSection

shlwapi

StrCmpNA

gdi32

GetROP2
RestoreDC
ExtTextOutA
CreateBrushIndirect
SetPaletteEntries
DPtoLP
LineDDA

comdlg32

ChooseFontW
PrintDlgW
GetFileTitleW

user32

DrawMenuBar
GetMenuItemID
GetWindowLongW
GetScrollInfo
WaitMessage
GetDlgItemInt
CharToOemW
InternalGetWindowText
ShowScrollBar
GetKeyboardLayoutList
GetPropW
SetTimer

Exports

Exports

?NFujOwzyxbmtQexoXi@@YGXMPAF@Z
?NmvxzgG@@YGPAGK@Z
?oKlBTqC@@YGKPAJM@Z
?akaPzdmmtzKSTpnJNDGA@@YGDPAD@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.temp
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2eebaa6ca897d8223be7e175d3439b32

Headers

File Characteristics

PDB Paths

Imports

kernel32

shlwapi

gdi32

comdlg32

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.temp Size: 73KB - Virtual size: 73KB

.edata Size: 512B - Virtual size: 199B

.data Size: 5KB - Virtual size: 13KB

.crt Size: 5KB - Virtual size: 5KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 16KB

.temp
Size: 73KB - Virtual size: 73KB

.edata
Size: 512B - Virtual size: 199B

.data
Size: 5KB - Virtual size: 13KB

.crt
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB