0f4fefc86866e2bb53cf3f080cb95dff_JaffaCakes118

General

Target

0f4fefc86866e2bb53cf3f080cb95dff_JaffaCakes118
Size

1.7MB
MD5

0f4fefc86866e2bb53cf3f080cb95dff
SHA1

cdcfa4a8cb3cfae8ca8f1fcabe3ebdf97df9b2d0
SHA256

0dbf1a4c19e35da4519b7209b2a4dab36bfe412b12b7c1eeb87e1134d5a5fb97
SHA512

e7978d969201fca0d4e581eef7e0c55e417b4c332f2a6faa05367e8fcf2bee27669256a891fc92955a4669d2e2d2dc59a3aaddfae5659279f2f14bb297055353
SSDEEP

24576:l9lmhrvrqAHYld6BHkR/5XtX4itJ6aVww4lBHYqUu5GGB7PprQhYxGt7NcOjyzE4:TkfHBBi5tIWV343H9yGV9GdNcOt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f4fefc86866e2bb53cf3f080cb95dff_JaffaCakes118

Files

0f4fefc86866e2bb53cf3f080cb95dff_JaffaCakes118
.dll windows:4 windows x86 arch:x86

49cc4703f351019d38968cc9175a8b81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetDCOrgEx
LineTo
GetBkColor
GetGraphicsMode
FillRgn
EnumFontFamiliesW
SetBrushOrgEx
RestoreDC
GetClipBox
GetPixelFormat
BeginPath
GdiProcessSetup
GdiEntry12
EnumMetaFile
SetVirtualResolution
Escape

kernel32

OpenFile
VirtualAlloc
AddAtomA
GetStringTypeA
Beep
GetVolumeInformationW
TerminateThread
FreeEnvironmentStringsA
SetThreadContext
GetTimeZoneInformation
IsBadReadPtr
TransmitCommChar
LocalSize
SetDefaultCommConfigW
GetFullPathNameA
GetTempFileNameA
DebugBreak
SearchPathA
WriteFile

msvcrt

__lc_handle
_msize
_atoi64
_callnewh
_wenviron
_ftol
_read
bsearch
strtok
_dup
_mbslen
exit
__unguarded_readlc_active
swscanf
time

ieakeng

DisplayADMItem
DestroyADMWindow
ModifyRatings
GetFavoritesMaxNumber
CheckField
GetFavoritesNumber
BToolbar_Edit

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 1.7MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49cc4703f351019d38968cc9175a8b81

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

ieakeng

Sections

.text Size: 18KB - Virtual size: 18KB

.CRT Size: 5KB - Virtual size: 34KB

.orpc Size: 1.7MB - Virtual size: 1.8MB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 18KB - Virtual size: 18KB

.CRT
Size: 5KB - Virtual size: 34KB

.orpc
Size: 1.7MB - Virtual size: 1.8MB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB