045743c94735687ad4a7b9746ba206a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

045743c94735687ad4a7b9746ba206a6_JaffaCakes118
Size

321KB
MD5

045743c94735687ad4a7b9746ba206a6
SHA1

60d06cf69e1d14c68cb8d3f04e0a7fb2d8e2d3a0
SHA256

cef41ce6fd42f64bbe79ccce37e37fff6d2b06e06cc83e4e7616daa9a997c86c
SHA512

a4298029ffa3be5f77ca79d57acb4267a29b96a951a6885412ff018ce25644e1de3f419d6c122d05387e21ea321d49dbdfbcff7d9d3309d380c1f02009a89490
SSDEEP

6144:MqMjYt3z7rtNr4TpFCZbJzHbGFtOjZHg0IhbYvfXVlhrAiPBmPB:MqM8tD7rtNICbbSFkFSbEXNkis

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
045743c94735687ad4a7b9746ba206a6_JaffaCakes118

Files

045743c94735687ad4a7b9746ba206a6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

80ad03e58127a213d7daed04f9db0449

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCommandLineA
ExitThread
LoadLibraryA
GetLastError
GetModuleHandleA
LoadLibraryExA
lstrlenA
VirtualAlloc
LocalAlloc
IsBadHugeReadPtr
GetVersionExA
GetProcAddress
GetCommandLineW
ExitProcess
IsBadReadPtr

gdi32

CreateBitmap
GetDIBColorTable
GetDIBits
CopyEnhMetaFileA
GetClipBox
BitBlt
RestoreDC
GetObjectA
GetBitmapBits

user32

SetRect
SetScrollPos
SetScrollInfo

version

GetFileVersionInfoA

Sections

CODE
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RSRC1
Size: 1KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RSRC5
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RSRC6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RSRC9
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RSRC2
Size: 1024B - Virtual size: 566B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RSRC8
Size: 1024B - Virtual size: 727B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80ad03e58127a213d7daed04f9db0449

Headers

File Characteristics

Imports

kernel32

gdi32

user32

version

Sections

CODE Size: 104KB - Virtual size: 103KB

.data Size: 199KB - Virtual size: 199KB

RSRC1 Size: 1KB - Virtual size: 73KB

RSRC5 Size: 1KB - Virtual size: 1KB

RSRC6 Size: 2KB - Virtual size: 1KB

RSRC9 Size: 2KB - Virtual size: 1KB

RSRC2 Size: 1024B - Virtual size: 566B

RSRC8 Size: 1024B - Virtual size: 727B

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 644B

CODE
Size: 104KB - Virtual size: 103KB

.data
Size: 199KB - Virtual size: 199KB

RSRC1
Size: 1KB - Virtual size: 73KB

RSRC5
Size: 1KB - Virtual size: 1KB

RSRC6
Size: 2KB - Virtual size: 1KB

RSRC9
Size: 2KB - Virtual size: 1KB

RSRC2
Size: 1024B - Virtual size: 566B

RSRC8
Size: 1024B - Virtual size: 727B

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 644B