545e76297f4c6e02755567e9e8567376_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

545e76297f4c6e02755567e9e8567376_JaffaCakes118
Size

123KB
MD5

545e76297f4c6e02755567e9e8567376
SHA1

30827ed5e5ad6d992b5c6f92707acacd54cde062
SHA256

28519759d13dbeea0f461b2ed182fb9765b77b6d8450f1e4c865bef60ce6a912
SHA512

78835560900184419f04729159b27c2384c183c5e7a150065deaf2610db63975d5e3884204a68bf865d426958d8ddf26d161a19185ff8d8325dff30cf51cfde7
SSDEEP

3072:bIEsD/VG0WsoxjPF+kSGjH670I4FEmYf8wwP/q+YkpzXzsSr+ZU+kZ:od2soxjPgmeQI4FEbwXq+Yk7zP0uZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
545e76297f4c6e02755567e9e8567376_JaffaCakes118

Files

545e76297f4c6e02755567e9e8567376_JaffaCakes118
.dll windows:5 windows x86 arch:x86

8bc0b44661516948283e0f4e39504e02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_APPCONTAINER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

K:\On96any06\Anpostmi\Knit5un1cad\Qi.pdb

Imports

shell32

ord89
ord98

imm32

ImmUnregisterWordA

glu32

gluLoadSamplingMatrices

opengl32

glColor4ub
glGetBooleanv

comctl32

ImageList_AddMasked
ImageList_GetIconSize

msvcrt

wcschr
wcstoul
toupper

shlwapi

PathRemoveExtensionA
ChrCmpIA
PathAddBackslashW

kernel32

GetLocalTime
GlobalFree
GetEnvironmentVariableW

user32

GetActiveWindow
DdeFreeStringHandle
PostThreadMessageA

gdi32

EndPath
RemoveFontResourceW
GetStockObject

comdlg32

ChooseFontA

advapi32

ReportEventW
RegDeleteKeyA

ole32

CoTaskMemRealloc

oleaut32

VarI2FromI8
VarI8FromUI4

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bc0b44661516948283e0f4e39504e02

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

imm32

glu32

opengl32

comctl32

msvcrt

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 51KB - Virtual size: 51KB

.code Size: 18KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 188B

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 39KB - Virtual size: 39KB

.text
Size: 51KB - Virtual size: 51KB

.code
Size: 18KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 188B

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 39KB - Virtual size: 39KB