3b3817f3abf3b10b0aba209b7d4b7340_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b3817f3abf3b10b0aba209b7d4b7340_JaffaCakes118
Size

217KB
MD5

3b3817f3abf3b10b0aba209b7d4b7340
SHA1

edb5efee8b730ed292baec1a7e01e41e348cd086
SHA256

2182ab291ec271495a9d8612c0443301f7e3d015647c363a3b6b235df3593b53
SHA512

f0181159a42afce9cd2198d6a7bd40a135f9e33349a175b04a47245892fac2081d3aaa50ae3d8852c533ae85d99c099791eb9de3c4018693f0ff31885513a265
SSDEEP

3072:7VLQzWziOLyYeTemaXOhlli5L/fa/WQP23HRDDxz1JUR+MHXniRzGBs0yATOUijD:+WzpIyZ4ly/G6DbJURziR/lZBK/oX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b3817f3abf3b10b0aba209b7d4b7340_JaffaCakes118

Files

3b3817f3abf3b10b0aba209b7d4b7340_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6c514dfefd7ef1be1e6184c6529a6685

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Kill\Took\Sell\Buy.exe

Imports

gdi32

SetPaletteEntries
CreatePen
SetBitmapDimensionEx
TextOutA
SetDIBits
CreatePenIndirect
CreateBrushIndirect
CreatePolyPolygonRgn
GetDIBits
CreateHalftonePalette
RemoveFontResourceW

kernel32

lstrcatW
FileTimeToDosDateTime
GetLocaleInfoA
FlushFileBuffers
GetFileInformationByHandle
FormatMessageA
GlobalFindAtomA
GetStringTypeExW
CreateFileMappingA

user32

ChildWindowFromPoint
RegisterWindowMessageA
DrawIcon
MessageBoxA
WaitForInputIdle
InSendMessage
LoadBitmapA
RemovePropW
DefMDIChildProcA
ScrollWindowEx
CreateMenu
SetFocus
DialogBoxIndirectParamW
IsWindow
GetUserObjectInformationW
DrawTextExW
GetWindow
GetActiveWindow
MessageBoxExW
SendDlgItemMessageW
GetWindowTextA
EnumThreadWindows
CallWindowProcW
IsWindowVisible
SetLastErrorEx

advapi32

OpenBackupEventLogA

ole32

CoCreateGuid

Exports

Exports

_DestroyWindowDestroyWindowDestroyWindowDestroyWindowDestroyWindow@0VssUxuAVRDWxMPwWLfXfFFAYyWGtxKKKer4eertgfdgfdhgdfhgdfhjgdfgfdsdfgfd

Sections

.dbgdir
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uityi
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sad
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsfdc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vbvc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.weredf
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c514dfefd7ef1be1e6184c6529a6685

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.dbgdir Size: 512B - Virtual size: 28B

.text Size: 174KB - Virtual size: 173KB

.uityi Size: 512B - Virtual size: 64B

.sad Size: 512B - Virtual size: 64B

.dsfdc Size: 1KB - Virtual size: 1KB

.vbvc Size: 512B - Virtual size: 64B

.weredf Size: 512B - Virtual size: 64B

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 3KB - Virtual size: 2KB

.dbgdir
Size: 512B - Virtual size: 28B

.text
Size: 174KB - Virtual size: 173KB

.uityi
Size: 512B - Virtual size: 64B

.sad
Size: 512B - Virtual size: 64B

.dsfdc
Size: 1KB - Virtual size: 1KB

.vbvc
Size: 512B - Virtual size: 64B

.weredf
Size: 512B - Virtual size: 64B

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 3KB - Virtual size: 2KB