5463953cf415ec8bda9577838a8f545e_JaffaCakes118

General

Target

5463953cf415ec8bda9577838a8f545e_JaffaCakes118
Size

64KB
MD5

5463953cf415ec8bda9577838a8f545e
SHA1

0d2ed6ca17bb83d2cd8dff6eafd9507ee31ee659
SHA256

a90b0d88c375a8579004390bfb3ef574b047c1dcee0cac770df3d0f0dd6027c7
SHA512

3455f344d4f7a85ace8c550fef1863c3cf0e9db6f55c53e1e988ed98b2aef9def47a3fa61d7780032b7194ea2be29fe3f7c566fad0ae9e2c2c4a1c8d18763464
SSDEEP

1536:NYqXJ0pZkZfQJoRGnPRVgRuIbSJ4EFEJdswHaI6p0Sjaxq:mG07c3yiSJ484iiavp0Sj8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5463953cf415ec8bda9577838a8f545e_JaffaCakes118

Files

5463953cf415ec8bda9577838a8f545e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

57dcdd279dd288c5f5c8d5d115202688

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsValidCodePage
CreateMutexA
GetEnvironmentStringsA
HeapDestroy
CreateTimerQueue
GetStartupInfoA
GetProfileSectionA
GetWindowsDirectoryA
ExitProcess
CreateDirectoryExW
WriteProfileSectionA
GetCommandLineA
FillConsoleOutputCharacterA
GetThreadPriority
WritePrivateProfileSectionA
FindNextVolumeMountPointA
AllocConsole
SetHandleInformation
GetLocaleInfoA
GetCommModemStatus
VirtualAllocEx
LocalReAlloc
GetFileSizeEx
IsBadHugeReadPtr

user32

TranslateMDISysAccel
SetRect
EnumWindows
CreateDialogIndirectParamA
GetThreadDesktop
CreateIconIndirect
RegisterLogonProcess
SendNotifyMessageA
GetClipboardViewer
DestroyCaret
LoadMenuIndirectA
RegisterWindowMessageW
ChangeClipboardChain
GetRawInputDeviceInfoA
ToAscii
PostThreadMessageA
MapDialogRect
LoadMenuIndirectA

gdi32

PatBlt
StretchBlt
LineTo
DeleteObject

advapi32

RegOpenKeyExA
RegCloseKey

Exports

Exports

CreateRdfjjyjcb
Gkblrvefen

Sections

.textbbs
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 52KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57dcdd279dd288c5f5c8d5d115202688

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.textbbs Size: - Virtual size: 1KB

.text Size: 52KB - Virtual size: 184KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.textbbs
Size: - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 184KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB