ffa012a437779207b71124361722229b_JaffaCakes118

General

Target

ffa012a437779207b71124361722229b_JaffaCakes118
Size

36KB
MD5

ffa012a437779207b71124361722229b
SHA1

8bc3ea806c7bf3480f75458233e8741947640c20
SHA256

14afeb32f74f426aa165560d5fa333b3ada26a606a9acd1ff00b4c20aaaea695
SHA512

4b6f2f21b5a138fa3516ca42466a6d6d3c463e9aeb4c9f79a7920ae714a3d1497f2cd451bf4df3840b8bdef9781297aad72cc85791b77eeb6f0d9db1691e56a2
SSDEEP

384:9Rn9q8LdvjBTgylT5TC9pomUmlj08VTVKiy3jDCwEoZo9KVU1q:9RcohggTsLoiTjyDCwdZo9f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffa012a437779207b71124361722229b_JaffaCakes118

Files

ffa012a437779207b71124361722229b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

eefdb5f43947f53dcc5e2e98dbf29142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalDeleteAtom
TlsGetValue
GetStdHandle
SetHandleCount
RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
GlobalAddAtomA
GetEnvironmentStrings
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
VirtualFree
GetEnvironmentStringsW
HeapDestroy
HeapCreate
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection

user32

RegisterWindowMessageA
UnhookWindowsHookEx
SetWindowsHookExA
RemovePropA
GetClientRect
PostMessageA
GetWindowRect
IsWindowVisible
GetUpdateRgn
ClientToScreen
GetPropA
SetPropA
GetCursor
CallNextHookEx
EnumWindows
MessageBoxA

gdi32

GetRegionData
CreateRectRgn
DeleteObject

Exports

Exports

SetHook
SetKeyboardFilterHook
SetMouseFilterHook
UnSetHook

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eefdb5f43947f53dcc5e2e98dbf29142

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.SharedD Size: 4KB - Virtual size: 32B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.SharedD
Size: 4KB - Virtual size: 32B

.reloc
Size: 4KB - Virtual size: 1KB