0ba3585467075a73fd2d7bcd6cb48ae7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ba3585467075a73fd2d7bcd6cb48ae7_JaffaCakes118
Size

126KB
MD5

0ba3585467075a73fd2d7bcd6cb48ae7
SHA1

009158e4f06305508010898dcc9285e8f96571b5
SHA256

ab5da5acadda9b862fe7324d9987e099cbb4170384e38842281438a12c1be0e3
SHA512

ffc45f2fae7cafc919ddc3a18e19c034f45d796a8e2559c548f5479ab9cc7bd590c0fdc0fd82f15b6d540154a3e4fb1ee43486668bf19ab511f2ab88e4ffc1c0
SSDEEP

3072:VOdbfKla0uVNYWTDuYAqL8PVH3PSxORMTVm1TB:Vla0kMqUh8bM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ba3585467075a73fd2d7bcd6cb48ae7_JaffaCakes118

Files

0ba3585467075a73fd2d7bcd6cb48ae7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6ff20db5fef69c963581839aa5be540d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

SetBkMode
DeleteDC
GetTextMetricsW
SelectPalette
CreatePen
GetTextExtentPoint32W
TextOutW
GetStockObject
GetTextExtentPointW
CreateCompatibleDC
LineTo
SetStretchBltMode
GetObjectA

kernel32

DisableThreadLibraryCalls
ExitThread
GetFileType
GetComputerNameExW
CreateFileMappingW
ExpandEnvironmentStringsW
CreateMutexW
SetErrorMode
GetFileAttributesA
LoadLibraryW
ReleaseMutex
OutputDebugStringA
GetFileInformationByHandle
VirtualProtect
VirtualAlloc
VirtualProtect
AddConsoleAliasA
EnterCriticalSection
AddLocalAlternateComputerNameA
GetLocaleInfoA
TerminateThread
QueryPerformanceCounter
VirtualFree
lstrcpyA
GetModuleHandleA
SetUnhandledExceptionFilter
ReadFile
GetProcAddress
LoadLibraryExW
SetFilePointer
WideCharToMultiByte
CreateThread
DeleteCriticalSection
GetCommandLineW
InitializeCriticalSection
SetFileTime

msvcrt

__CxxFrameHandler
exit
_ftol
__dllonexit
_c_exit
fprintf
memset
towupper
memcpy
toupper
memmove
_except_handler3
_initterm
malloc
_wcsicmp
swprintf
_vsnwprintf
__set_app_type
_wcmdln
__p__commode
_vsnprintf
__getmainargs
strncpy
strchr
free
isalpha
__wgetmainargs
_adjust_fdiv
__p__fmode

opengl32

glNormal3bv
glRectf
glStencilOp
glColor4dv
glRasterPos4dv
glStencilMask
glRasterPos4i

user32

GetDesktopWindow
SetFocus
GetSystemMenu
ClientToScreen
GetMessageW
MoveWindow
ValidateRect
SetWindowsHookExW
SetWindowTextA
CreateWindowExW
GetSysColor
RegisterClipboardFormatW
SendMessageW
IsRectEmpty
SetWindowLongW
ShowCursor
SetForegroundWindow
DefWindowProcA
IsDlgButtonChecked
DrawEdge
DefWindowProcW
MessageBeep
DrawIcon
WinHelpW
GetDlgItemInt
CreateWindowExA
CheckRadioButton
DispatchMessageW

Exports

Exports

SmqErcntjk
IrbxdgdVnbhcuSsdxEfl
VfwypdHfmakKtykUw

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ff20db5fef69c963581839aa5be540d

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

opengl32

user32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 68B

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 116KB - Virtual size: 116KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 68B

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 116KB - Virtual size: 116KB

.rsrc
Size: 3KB - Virtual size: 2KB