4045f8a20f962749634a1292866f5111_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4045f8a20f962749634a1292866f5111_JaffaCakes118
Size

168KB
MD5

4045f8a20f962749634a1292866f5111
SHA1

7cc76a2d626b106147131083d193c236d6d9bb79
SHA256

6eb82ac1d7c75c5d0f5a5af2475f73aa9fa8707e12631fefd118c49b0ad0de25
SHA512

71136e3ecbb6d70b59098e4894d3765e09713725d745caa071b7fdf43d0c3b04dfcdc3445d73bd0524a46ce88d847ec7479d28cd0d12e98e4e4aae1caa6c27cd
SSDEEP

3072:759ExQ3AjaTEcGPDQbDgqKGdV707Y3XUfFYeGw+ZgDGhOQiNX3ZHcqpKqn2jNwmq:759XAB7QQ7y7KiBeGw+GDa76XeqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4045f8a20f962749634a1292866f5111_JaffaCakes118

Files

4045f8a20f962749634a1292866f5111_JaffaCakes118
.dll windows:4 windows x86 arch:x86

246c59cdecfde3a754f4a06a734c018b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
IsBadReadPtr
GetThreadLocale
VirtualQuery
GetFileType
FindResourceA
GetProcAddress
FreeResource
SetLastError
GetSystemDefaultLangID
lstrcmpA
SetFilePointer
VirtualAllocEx
SetEvent
MoveFileExA
GetCurrentProcess
FindFirstFileA
lstrcatA
SetErrorMode
LoadLibraryA
ExitProcess
GetCommandLineW
GetCurrentThread
GetModuleHandleA
ExitThread
FreeLibrary
LockResource
lstrlenA
GetStringTypeA
FormatMessageA
EnumCalendarInfoA
GetDiskFreeSpaceA
SetThreadLocale
VirtualFree
GetFullPathNameA
GlobalFindAtomA
lstrcmpiA
lstrcpyA
SetEndOfFile
InitializeCriticalSection
FindClose
GlobalAddAtomA
RaiseException
LoadResource
LocalAlloc
ResetEvent
CloseHandle
GetLocalTime
GetLastError
DeleteCriticalSection
MulDiv
GetModuleHandleW
HeapAlloc
CreateFileA
GetUserDefaultLCID
HeapDestroy
GetCurrentProcessId
GetFileSize
GetTickCount
ReadFile
GetLocaleInfoA
GetModuleFileNameA

msvcrt

memmove
calloc
wcscspn
wcstol
tolower

user32

SetMenu
InsertMenuItemA
GetActiveWindow
GetMenu
GetSystemMetrics
GetKeyboardLayoutNameA
SetClassLongA
EndDialog
GetIconInfo
CharNextW
IsWindowUnicode
ReleaseDC
SendMessageW
IsDialogMessageA
OpenIcon
GetCapture
LoadCursorA
UnregisterClassA
CreateMenu
GetMessagePos
SetClipboardData
DrawIconEx
IsCharLowerA
GetWindow
IsRectEmpty
OffsetRect
IsWindow
ScrollWindow
GetCursor
RegisterClassA
FindWindowA
EndPaint
SetRect
GetClassNameA
GetKeyboardState
DestroyIcon
GetWindowTextA
EmptyClipboard
GetWindowRect
EqualRect
GetMenuItemInfoA
PeekMessageW
SetScrollInfo
CallNextHookEx
GetScrollRange
GetKeyState
DestroyMenu
EnumThreadWindows
GetWindowDC
GetMenuState
ShowWindow
EnableScrollBar
SendMessageA
WaitMessage
WindowFromPoint
DrawEdge
EnumChildWindows
SetTimer
SetForegroundWindow
GetClipboardData
IsDlgButtonChecked

gdi32

GetBkMode
SaveDC
GetBkColor
LineTo

Exports

Exports

_8v8zHa

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

246c59cdecfde3a754f4a06a734c018b

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 148KB - Virtual size: 324KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 148KB - Virtual size: 324KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB