4389dbfc89682df45ebbd35c6bd8cf53_JaffaCakes118

General

Target

4389dbfc89682df45ebbd35c6bd8cf53_JaffaCakes118
Size

63KB
MD5

4389dbfc89682df45ebbd35c6bd8cf53
SHA1

2890cca388c56dfac01c77bc40011ff88f47465f
SHA256

f4a2fd7fddf321d8a29dff6fc8495f577764103575b666a21a17cfdd425d8d8a
SHA512

ea82cd2ba608609b67e5bc1edea61278819dec4de7a95637171447f6361582501c116d92577ded4ec7b0d8505eb3063cd5e6d1a3d98362ea003fa816220af67e
SSDEEP

1536:FXbePdMeNAd7OxQ23hzoJXAFcnLdqS/s0y1Lptfs:tud81ON3hPcnRZsf1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4389dbfc89682df45ebbd35c6bd8cf53_JaffaCakes118

Files

4389dbfc89682df45ebbd35c6bd8cf53_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4294afc95c2bbc0603a787e83ac55d08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
GetSystemDefaultUILanguage
GetCurrentDirectoryA
CreateMailslotA
OutputDebugStringA
WriteFileEx
GetModuleHandleA
LocalHandle
SetUnhandledExceptionFilter
SetEndOfFile
GetPrivateProfileStringW
LocalReAlloc
CreateMailslotW
GetVolumePathNameW
OpenFile
ReadFile
VerifyVersionInfoW
RemoveDirectoryA
LoadLibraryA
ExitProcess

msvcrt

_fgetchar
_setmaxstdio
exit
memcpy
vfwprintf
ispunct
??4exception@@QAEAAV0@ABV0@@Z
is_wctype
gmtime
isgraph
_wmakepath
_ismbbkana
_adj_fprem
strftime
memset
_stat64
_wspawnlp
_execve

gdi32

EqualRgn
CreateFontIndirectW
GetTextExtentExPointW
GetDIBits
GetNearestColor
GetTextFaceW
DeleteDC
SetRectRgn
DeleteObject
GetDeviceCaps
GetPaletteEntries
SetBkColor
SetPixel
LineTo
CreateCompatibleDC

user32

DialogBoxParamW
GetDC
ReleaseDC
GetWindowTextLengthW
SetDlgItemInt
LoadCursorFromFileA
SetFocus
LoadStringA
RemoveMenu
DrawTextW
GetKeyState
SetWindowPos
GetDlgItem
InsertMenuItemW
EnumDesktopWindows
CreatePopupMenu

Exports

Exports

JsFrinaGbleMksxiqs
GfwmHifnnLdo

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4294afc95c2bbc0603a787e83ac55d08

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 13KB - Virtual size: 12KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 512B - Virtual size: 50B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 512B - Virtual size: 50B