3856b133b0b627720448950bce1c7217_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3856b133b0b627720448950bce1c7217_JaffaCakes118
Size

189KB
MD5

3856b133b0b627720448950bce1c7217
SHA1

5aa69f2432a410ef50c8ab6ca0255ab6560aba82
SHA256

c94c8d44ba20a35321065783f8fed4f9b0ee3435987d8238c9e0e1977e3bfdca
SHA512

b21742dd05bbeaeb102766a95b1ac6244caaf9d12f8ab2f2d28e596b7059905cdba4969968853231180e7b09c65c6d5291a23c524c51c279077f9e7e3b147369
SSDEEP

3072:A+tdVZxRdmTd1CCBoZXEwgtIg+Z0otar9CTASM+/eHnKsRrRQiaUK/wLM34IWHUx:A+tdVZxRSdxESIgfwa9CTpMkeHtRrwkH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3856b133b0b627720448950bce1c7217_JaffaCakes118

Files

3856b133b0b627720448950bce1c7217_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ccdb05b5e714a355b1b289a6d2629771

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetParent
OffsetRect
IntersectRect
SetWindowLongA
InflateRect
GetWindowLongA
DefWindowProcA
SetWindowLongW
GetWindowPlacement
TrackPopupMenu
ReleaseDC
SetWindowPos
GetFocus
GetKeyNameTextA
DrawIconEx
GetWindowTextA
CallWindowProcA
IsCharUpperA
IsWindowEnabled
OpenClipboard
IsWindowVisible
IsWindow
UpdateWindow
GetCapture
GetLastActivePopup
GetMenuItemInfoA
CreateMenu
GetMenuItemID
SetActiveWindow
SetMenuItemInfoA
CharUpperBuffA
wsprintfA
IsMenu
GetMenu
SetTimer
CharNextA
UnregisterClassA
FrameRect
GetClientRect
SetScrollPos
GetWindowRect
EnableScrollBar
LoadIconA
TranslateMDISysAccel
IsCharLowerA
DrawIcon
KillTimer
FindWindowA
DefFrameProcA
DrawMenuBar
GetActiveWindow
InsertMenuItemA
SetCursor
RegisterClipboardFormatA
MoveWindow
GetKeyboardLayoutList
CharLowerA
GetDesktopWindow
ReleaseCapture
SetScrollRange
SystemParametersInfoA
CreateIcon
GetMenuStringA

comctl32

ImageList_GetBkColor
ImageList_Destroy
ImageList_Read
ImageList_Remove
ImageList_Add

msvcrt

_acmdln
wcstol
memset
mbstowcs
exit
memcpy
calloc

kernel32

VirtualAlloc
SetErrorMode
GetCurrentThreadId
GetTempPathA
WideCharToMultiByte
LocalReAlloc
GlobalDeleteAtom
CreateEventA
lstrcmpA
GetModuleHandleA
FindResourceA
WriteFile
GetStartupInfoA
LoadLibraryA
LocalAlloc
SetEvent
GetLocaleInfoA
ExitProcess
GetLastError
FreeLibrary
SetEndOfFile
ReadFile
SetHandleCount

Exports

Exports

_J6_l1TnEe@24
_tDg3nBeM@4
_jHJSJr9fN3Atid@12
g0ibhEy@24
e74j6yiuztCSL
_Jncr4Cx9fN
Y5SacpWsjio@24
1XhQoxKN5NX7V
_tEnp880rrhSl5p@12
_QixijjJ9@16
_mke9UlKhR@20

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abdata
Size: 512B - Virtual size: 497B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccdb05b5e714a355b1b289a6d2629771

Headers

File Characteristics

Imports

user32

comctl32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 9KB - Virtual size: 141KB

.data Size: 149KB - Virtual size: 149KB

.abdata Size: 512B - Virtual size: 497B

.edata Size: 512B - Virtual size: 320B

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 9KB - Virtual size: 141KB

.data
Size: 149KB - Virtual size: 149KB

.abdata
Size: 512B - Virtual size: 497B

.edata
Size: 512B - Virtual size: 320B

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 1KB