0682c16cc9db6254bb804a2f8c27248d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0682c16cc9db6254bb804a2f8c27248d_JaffaCakes118
Size

174KB
MD5

0682c16cc9db6254bb804a2f8c27248d
SHA1

ac13d8829f8d81ae2a74c9fc97b07328e87cf128
SHA256

6b2f92da932179dc1c973707a05dc82c9a4a0482e2c4b82f5f36a36a5f8b6deb
SHA512

939ff0e4498ce7b6655a1ae1647785257ad57f0ec5d0dacd05d5fb0a43c76a3784348d0e48c85f20b5027ed91d65da0dd75b72f33d70bea8e3b7e3854f3955ab
SSDEEP

3072:jyFNVlUxX4wWzlYkSZDF+D7bYRPwkuaobcbR4axIe4tj1GoYACYFnYjvp:W/XH9lYHZD0/3bcbmaxIe4DGJACYBYjv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0682c16cc9db6254bb804a2f8c27248d_JaffaCakes118

Files

0682c16cc9db6254bb804a2f8c27248d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f57fcc03a3fd5943ff073c44931ec008

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Stvy\Scoppfu\XdpO.pdb

Imports

user32

GetClassLongA
CharNextW
SetScrollInfo
GetMenu
RegisterClassExA
GetKeyboardLayoutNameW
ShowWindowAsync
WaitMessage
TranslateAcceleratorW
GetWindow
IsCharUpperA
RegisterClassA
MenuItemFromPoint
LoadCursorW

gdi32

GetRgnBox
GetWindowOrgEx
StretchBlt
CreatePolygonRgn
Ellipse
CreateFontA
SetViewportOrgEx
TranslateCharsetInfo

kernel32

GetStringTypeW
FileTimeToLocalFileTime
GetModuleHandleW
CloseHandle
CreateEventA
GetSystemWindowsDirectoryA
GetProcAddress
SetStdHandle
UnhandledExceptionFilter
GetVersionExA
GetTickCount
DeleteFileW
CreateEventW
GetModuleHandleA
GetThreadLocale

comdlg32

PrintDlgExW
PageSetupDlgW

Exports

Exports

?hidbwxP@@YGPAIM@Z
?SGnSJwtdGFaxoZtucl@@YGPAIH@Z
?VwLqocxdbMXfejLUgYYxmS@@YGMPADPAG@Z
?tfomheVjxsgKent@@YGXEPAH@Z
?gbumCmXlEyiSTOgMieC@@YGJMI@Z
?bRvzrlaj@@YGEK@Z
?UnDlBloskPFmOgozvxcqe@@YG_NPAGPAK@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f57fcc03a3fd5943ff073c44931ec008

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

comdlg32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 82KB

.edata Size: 512B - Virtual size: 326B

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 146KB - Virtual size: 146KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 82KB

.edata
Size: 512B - Virtual size: 326B

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 146KB - Virtual size: 146KB

.reloc
Size: 2KB - Virtual size: 2KB