10bd5c8a90ec767781a17fedae629273_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10bd5c8a90ec767781a17fedae629273_JaffaCakes118
Size

30KB
MD5

10bd5c8a90ec767781a17fedae629273
SHA1

a12fd3269e032a7abf80b9313084d164299a13a0
SHA256

e7a45800a07fcf30af15b892416161fdbae5165e357fbfe663696f968703eb06
SHA512

a6410e131afdba6a6f8d25bc5bbe887b6b7e5986c34b5defa9b1bb9c62d855aa43b9f80aad127eda07639dc60cabdf0fe2f312373de750238bb96e0f29e38070
SSDEEP

384:yDtI/e+7VeIa2sNtKV7HjiQ0R1ukGg1AtmvAkCeql1SK74ML++k4:yDtls6tKZHTs1ulg+8vAkCeql1g9N4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10bd5c8a90ec767781a17fedae629273_JaffaCakes118

Files

10bd5c8a90ec767781a17fedae629273_JaffaCakes118
.dll windows:4 windows x86 arch:x86

875688bcfbfc32d49c9464e4071ea3f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CreateObjrefMoniker
OleSetContainedObject
CoSwitchCallContext
SNB_UserUnmarshal

gdi32

Pie
SetLayout
GetPixel
CancelDC
GetMiterLimit
CloseEnhMetaFile
SetAbortProc
GetPaletteEntries
SetROP2
GdiGetBatchLimit
GetEnhMetaFileA
SetBkColor
GetROP2
RectVisible
GetTextFaceA

user32

IsChild
SetCursor
IsWindow
SetPropA
CreateCaret
GetScrollPos
LoadKeyboardLayoutA
GetListBoxInfo
EnumDesktopsW
IsMenu
CloseClipboard
MenuItemFromPoint
DestroyIcon
GetScrollRange
DdeFreeDataHandle
SetProcessDefaultLayout

kernel32

GetCurrentProcess
GetVersion
VirtualAlloc
GetModuleHandleW
ExitProcess
GetUserDefaultLCID
GetFileSize
GetTimeFormatW
Sleep
SetErrorMode
BackupSeek
SetLastError
GetPrivateProfileStringA
SetLastError
GetLastError
GetCommandLineW
VirtualFree
LoadResource
LocalFree
GetCurrentProcessId
GetStartupInfoW
GetSystemPowerStatus
GetPrivateProfileIntA

advapi32

GetExplicitEntriesFromAclA
InitializeAcl
RegEnumValueA
SetSecurityInfo
RegQueryValueExW
SetSecurityDescriptorSacl

msvcrt

_CIcos
log10
__initenv
__p___wargv
__p__pwctype
_safe_fprem
srand
_spawnlpe
__mb_cur_max
mktime
iswascii
_local_unwind2
__p__osver
_HUGE

Exports

Exports

Wzzafyush
MsDtEKhukbpDj
OxwtVTJOllnrhT
DaqfaXtzxevXfW

Sections

.text
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

875688bcfbfc32d49c9464e4071ea3f8

Headers

File Characteristics

Imports

ole32

gdi32

user32

kernel32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 9KB

.data Size: 2KB - Virtual size: 2KB

.idata Size: 6KB - Virtual size: 9KB

.bss Size: 9KB - Virtual size: 32KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 9KB

.data
Size: 2KB - Virtual size: 2KB

.idata
Size: 6KB - Virtual size: 9KB

.bss
Size: 9KB - Virtual size: 32KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 1KB