262f31a839e233f808d1be156ed3402d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

262f31a839e233f808d1be156ed3402d_JaffaCakes118
Size

440KB
MD5

262f31a839e233f808d1be156ed3402d
SHA1

904674c5c4f97986c81267e2c7e2f79c1e353952
SHA256

784547b5a3664c2a010d457477cb0873fdeac51483030143c1fd3aca56fa6cc7
SHA512

29f5a32b99ea85f2fa2770afd03853ea0830dc8e8ffb8eddba7e740503665778aaa2999d502a3f68d5528dcbb8587ea89dde987cabe6aef2a3c0972f1f2e8db0
SSDEEP

12288:a4ouL2lTFux1y7rL9ixoMegfXoEdUtuPg9qLfiQooQjjfiCcB74S:a4ob776fYPtuPeqLiQoPjjfgB7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
262f31a839e233f808d1be156ed3402d_JaffaCakes118

Files

262f31a839e233f808d1be156ed3402d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

61b908cff586c95ec1b907e4234dcbef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

malloc
_ftol
sprintf
atof
_stricmp
_adjust_fdiv
_initterm
free
_onexit
rand
_purecall
??3@YAXPAX@Z
atol
__dllonexit
atoi
sscanf
_putenv
strstr
??2@YAPAXI@Z
strchr
memmove
tolower
realloc
_vsnprintf
_ismbcspace
strncmp
strtok
strtol
strncpy
isdigit
isspace
strtod
printf
strrchr
_mbctype
_getmbcp
islower
_strcmpi

kernel32

lstrcpyA
FreeLibrary
GlobalLock
GetLastError
LoadLibraryA
LocalFree
GlobalUnlock
GetProcAddress
MultiByteToWideChar
GetModuleFileNameA
lstrcmpiA
LocalAlloc
GetCurrentProcessId
GlobalDeleteAtom
GlobalAddAtomA
lstrcpynA
lstrlenA
WideCharToMultiByte
GetModuleHandleA
InterlockedIncrement
SetErrorMode
GetTickCount
CreateFileA
GetFileSize
CloseHandle
InterlockedDecrement
GetVersionExA

user32

UpdateWindow
GetSysColor
FillRect
DrawTextExA
DrawFocusRect
PtInRect
LoadBitmapA
GetClassNameA
GetParent
ShowWindow
SetWindowPos
UnpackDDElParam
SystemParametersInfoA
ClientToScreen
GetWindowRect
FindWindowExA
MessageBoxA
GetLastActivePopup
GetActiveWindow
GetSystemMetrics
IntersectRect
CharNextA
ReleaseDC
GetDC
InvalidateRect
RedrawWindow
SetRect
CharPrevA
ReleaseCapture
SetCapture
GetClientRect
GetWindowLongA
SetWindowLongA
SetWindowTextA
EnableWindow
IsRectEmpty
MapWindowPoints
ReuseDDElParam
PostMessageA
GetWindowThreadProcessId
SendMessageA
GetFocus
IsChild
SetFocus
DefWindowProcA
LoadIconA
RegisterClassA
OffsetRect

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

gdi32

CreateFontIndirectA
GetClipBox
GetDCOrgEx
GetStockObject
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
SetTextColor
SetBkMode
GetObjectA
DeleteDC
GetDeviceCaps
GetTextMetricsA
CreateDCA
DeleteObject
GetTextFaceA
SetBkColor
GetTextExtentPoint32A

comctl32

ord17
InitCommonControlsEx

shell32

ShellExecuteExA
SHGetDesktopFolder
SHGetMalloc

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 348KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61b908cff586c95ec1b907e4234dcbef

Headers

File Characteristics

Imports

pncrt

kernel32

user32

advapi32

gdi32

comctl32

shell32

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 346KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 31KB

.text Size: 132KB - Virtual size: 132KB

.text
Size: 348KB - Virtual size: 346KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 31KB

.text
Size: 132KB - Virtual size: 132KB