3e4fef86419c5d5ef22500f01f43bb53_JaffaCakes118

General

Target

3e4fef86419c5d5ef22500f01f43bb53_JaffaCakes118
Size

19KB
MD5

3e4fef86419c5d5ef22500f01f43bb53
SHA1

ca7afdacdd4feca34ec6f86867422f4871688a78
SHA256

0ecae6710badc16b76749c8d254b3c3892f7e27c08d095b6ec6d9d299c5ba7a8
SHA512

17f705bf55c4ab76cd6bc8b1513735f8115e207ae1e18d748eee0a9b9a221221f061edbd3aeaed58f461ccdf48c5c53b3e9f6f37d4755f44e09236d9fb77c566
SSDEEP

384:NkOCjE3y3+urpyvBkMfRnY4rpuVigD+PuH:NZq+EgvBkMJnY4rp4dH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e4fef86419c5d5ef22500f01f43bb53_JaffaCakes118

Files

3e4fef86419c5d5ef22500f01f43bb53_JaffaCakes118
.dll windows:4 windows x86 arch:x86

db661bffbafc85f9e635a91d78749bed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
free
_beginthreadex
strncpy
??2@YAPAXI@Z
memset
??3@YAXPAX@Z
strchr
strcmp
memcpy
strrchr
fopen
fseek
_strrev
_stricmp
fread
fclose
malloc
__CxxFrameHandler
abs
sprintf
strlen
strstr
strcat
wcscmp
wcscpy
atoi
strcpy
_getpid

kernel32

WaitForSingleObject
GetFileSize
VirtualProtect
CreateToolhelp32Snapshot
Thread32First
TerminateThread
Thread32Next
GetModuleFileNameA
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
GetSystemDirectoryA
CreateThread
WideCharToMultiByte
WritePrivateProfileStringA
GetTempPathA
DeleteFileA
Sleep
GetPrivateProfileStringA
CloseHandle
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetModuleHandleA

user32

GetDC
GetClientRect
GetClassNameA
GetWindowTextA
ReleaseDC
GetWindowRect
GetDesktopWindow
EnumWindows

ws2_32

WSACleanup
closesocket
WSAStartup
inet_ntoa
gethostbyname
connect
htons
send
socket
recv
inet_addr

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
BitBlt
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA

gdiplus

GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFree
GdipAlloc
GdipCloneImage
GdipSaveImageToFile
GdipDisposeImage
GdipLoadImageFromFile

Exports

Exports

DriverProc
modMessage
modmCallback

Sections

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db661bffbafc85f9e635a91d78749bed

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ws2_32

gdi32

gdiplus

Exports

Exports

Sections

.data Size: 17KB - Virtual size: 16KB

.reloc Size: 1KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 16KB

.reloc
Size: 1KB - Virtual size: 1KB