305e3a6d517adc14a19c123b03f87047_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

305e3a6d517adc14a19c123b03f87047_JaffaCakes118
Size

96KB
MD5

305e3a6d517adc14a19c123b03f87047
SHA1

bd20cd7426f3bf1a3664c214f885f686e6ec4b72
SHA256

76098265387c384655c0c4970d63dff9d22ea2710b8675d89e48f3b96dfd2377
SHA512

fd0ccd6bbbc90cc05cd8efba4d9a7eb56cb71b5ff3314abbcad314a6ba3340bf612d7140f47f280ccf08b1f1819315e0b67ae48896198722b1da6f0a8b6737c1
SSDEEP

3072:Evwc9R43PisEYsJyizv8juXbzHIdm8uwc:4A3PCvjbjGFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
305e3a6d517adc14a19c123b03f87047_JaffaCakes118

Files

305e3a6d517adc14a19c123b03f87047_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1a0100764b79cff72f12d79e1a9c945b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
QueryInformationJobObject
UpdateResourceA
SetEndOfFile
ReleaseSemaphore
SetComputerNameExA
SetCommBreak
ResetEvent
CreateFileMappingA
GetDriveTypeA
GetCurrentProcess
FlushConsoleInputBuffer
WriteConsoleOutputCharacterW
VirtualAllocEx
GetCommModemStatus
HeapDestroy
GetModuleHandleA
GetSystemTimeAdjustment
HeapLock
GetTempPathA
IsBadHugeWritePtr
GetModuleHandleA
WaitCommEvent
TlsFree
TlsAlloc
GetCurrentProcess
Heap32Next
GetFullPathNameA
GetThreadPriority
CreateWaitableTimerA
ReadConsoleA
GetComputerNameA
GetThreadPriorityBoost
GetVersionExA
GetCompressedFileSizeA
CompareFileTime
IsValidLanguageGroup
GlobalHandle
GetStringTypeA

user32

MessageBoxExA
GetMenu
EnumDisplaySettingsExA
MessageBeep
CheckDlgButton
CreateDialogParamA
GetWindow
ShowScrollBar
GetRawInputDeviceInfoA
SetFocus
SetCaretPos
ShowWindow
MapVirtualKeyA
GetWindowTextA
ToAsciiEx
CreateIconFromResourceEx
DrawFrameControl
GetDesktopWindow
SetWindowWord
SetMenuInfo
GetWindowRgn
IsCharAlphaNumericA
TrackPopupMenu
EndTask
IsWindowVisible
GetDialogBaseUnits
LoadMenuIndirectA
CharToOemBuffA
EnumWindowStationsA
DefWindowProcA
IsDlgButtonChecked
GetActiveWindow
MenuWindowProcA
MessageBoxExA
GetAltTabInfo

hid

HidD_GetPhysicalDescriptor
HidD_SetNumInputBuffers

dsound

DirectSoundCreate

Exports

Exports

AlphaBlend

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a0100764b79cff72f12d79e1a9c945b

Headers

File Characteristics

Imports

kernel32

user32

hid

dsound

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 77KB

.data Size: 53KB - Virtual size: 53KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 77KB

.data
Size: 53KB - Virtual size: 53KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 3KB - Virtual size: 2KB