438fb8460534e29a079cfb95a5558959_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

438fb8460534e29a079cfb95a5558959_JaffaCakes118
Size

210KB
MD5

438fb8460534e29a079cfb95a5558959
SHA1

9f4207efd1ab1459640617bc1d598336ef6d32f4
SHA256

1a1154e5004a3d28a8a9d77e580c072c917a03ff007d40c918f5aff17064e90d
SHA512

06e2c4bf70a6af6986b8470b198789a9e4c193b81e0e3418d84ff6c023112f406355e365cec92371b27bc9284f45ecc95bceab1cc58fe0e50d30ab4a0fd6919c
SSDEEP

6144:NYVpv602Pf/QUtXVMcSGhuAxNjrAZ880:uV0PH/htXNuAnrA7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
438fb8460534e29a079cfb95a5558959_JaffaCakes118

Files

438fb8460534e29a079cfb95a5558959_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2cf7f9377ee9c61f68a6ec8529b00cfe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
VerInstallFileA

user32

CreateIcon
GetWindowThreadProcessId
GetClassLongA
ClientToScreen
EndPaint
GetSystemMetrics
CheckMenuItem
LoadKeyboardLayoutA
GetWindowDC
GetMenuItemCount
DestroyMenu
IsChild
CharNextW
SetWindowsHookExA
EnableMenuItem
GetWindowPlacement
GetPropA
SetClassLongA
DrawFrameControl
FrameRect
SetRect
TrackPopupMenu
SetParent
DefMDIChildProcA
GetDC
GetTopWindow
EnumThreadWindows
GetKeyboardState
InflateRect
SetWindowLongW
GetActiveWindow
GetScrollRange
GetKeyboardType
SetWindowPos
ReleaseDC
GetMenuState
GetLastActivePopup
GetWindowRect
DestroyWindow
SetForegroundWindow
IsWindowVisible
DefFrameProcA
RegisterClassA
IntersectRect
InsertMenuA
GetDlgItem
CharNextA
PeekMessageA
UnregisterClassA
WaitMessage
SystemParametersInfoA
CallWindowProcA
MapWindowPoints
GetKeyboardLayoutNameA
GetKeyboardLayoutList
OpenClipboard
GetKeyState
ReleaseCapture
BeginPaint
EnableScrollBar
LoadBitmapA
CreateWindowExA
WindowFromPoint
GetDesktopWindow
GetIconInfo
DeleteMenu
DispatchMessageA

shell32

SHGetFolderPathA
SHGetSpecialFolderLocation
SHFileOperationA

gdi32

CreatePenIndirect
GetCurrentPositionEx
CreateDIBitmap
GetBitmapBits
CreatePalette
GetDIBits

kernel32

VirtualAllocEx
FormatMessageA
LocalFree
GetLocalTime
GetStartupInfoA
GlobalDeleteAtom
ExitThread
VirtualAlloc
SetFilePointer
HeapAlloc
GetLastError
FreeLibrary
ExitProcess
LoadLibraryExA
CloseHandle
LoadResource
GetSystemDefaultLangID
GetACP
GetModuleHandleA
LoadLibraryA
GetThreadLocale
lstrlenA
GetProcAddress

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cf7f9377ee9c61f68a6ec8529b00cfe

Headers

File Characteristics

Imports

version

user32

shell32

gdi32

kernel32

Sections

.text Size: 25KB - Virtual size: 24KB

DATA Size: 3KB - Virtual size: 99KB

.idata Size: 177KB - Virtual size: 176KB

.tls Size: 2KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 434B

.reloc Size: 512B - Virtual size: 474B

.text
Size: 25KB - Virtual size: 24KB

DATA
Size: 3KB - Virtual size: 99KB

.idata
Size: 177KB - Virtual size: 176KB

.tls
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 434B

.reloc
Size: 512B - Virtual size: 474B