efb502d09121273b6f6f0e2b9ef5f8c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

efb502d09121273b6f6f0e2b9ef5f8c7_JaffaCakes118
Size

135KB
MD5

efb502d09121273b6f6f0e2b9ef5f8c7
SHA1

e20e102f528742c37d170592f75ecfaf75f8c46d
SHA256

c2b08a9353fcae1fb3da2af6dcbf35682ffabb8e8fa2ae4ed532425a6c830bf8
SHA512

b26f2f1916f27706921cb9e54736d8d9266bb3af007a4efd19ced21a7fcfac0c45315c16d5c5b5bd362f51566d225c7c14b08de00cd5f20a743594822bc8ea24
SSDEEP

3072:tEKI5BEW7Y13v2sBxKqnEOe3SOV2L7/cXblarXSaWoFA99nNnygU:tEKmQ2nP3N4tiaWDtNnnU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efb502d09121273b6f6f0e2b9ef5f8c7_JaffaCakes118

Files

efb502d09121273b6f6f0e2b9ef5f8c7_JaffaCakes118
.dll windows:5 windows x86 arch:x86

4e9c072c72aed5a170843924c4377156

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

strspn
wcspbrk
_chkstk

shell32

ord183
SHGetMalloc
SHFreeNameMappings
SHGetIconOverlayIndexW

shlwapi

StrChrW

kernel32

GetModuleHandleExW
WaitForSingleObject
GlobalFindAtomA
GetFileAttributesA
GetExitCodeProcess
HeapQueryInformation
ExitThread
BackupRead
CopyFileA
LoadLibraryA
CloseHandle
CreateMutexW
UpdateResourceA
GlobalDeleteAtom
lstrcpynA

user32

CharToOemW
DrawTextExW
IsClipboardFormatAvailable
CascadeWindows
SetWindowRgn
GetNextDlgGroupItem
GetClipboardFormatNameW
RedrawWindow
GetClipboardViewer
GetDlgItemTextA
PeekMessageA
ValidateRect
EmptyClipboard

gdi32

CloseFigure
StrokePath
GetMiterLimit
ExtCreatePen
PtInRegion
CreateCompatibleDC
CreateRectRgn
PlgBlt
GetBrushOrgEx
CreateColorSpaceW

ole32

OleSetAutoConvert
CoInitialize
OleCreateEmbeddingHelper
CreateDataAdviseHolder
CoFileTimeNow
CoUninitialize

Exports

Exports

?JHfkedHGfhjgfHGkjfgfgf@@YGKKKK@Z
?KJfjdHJfjkdhgdjHGhkjfdgf@@YGKKK@Z
?VXbvHGfhsdfhHGhfgfgff@@YGKK@Z

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e9c072c72aed5a170843924c4377156

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shell32

shlwapi

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 648B

.newdata Size: 512B - Virtual size: 512B

.imports Size: 3KB - Virtual size: 2KB

.rsrc Size: 122KB - Virtual size: 121KB

.reloc Size: 1024B - Virtual size: 574B

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 648B

.newdata
Size: 512B - Virtual size: 512B

.imports
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 122KB - Virtual size: 121KB

.reloc
Size: 1024B - Virtual size: 574B