JaffaCakes118_f4de3d851eb7dd7c361282901a5fa088

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_f4de3d851eb7dd7c361282901a5fa088
Size

358KB
MD5

f4de3d851eb7dd7c361282901a5fa088
SHA1

9d8905df11662f6c1b4f39af47c1c8bb391f81c7
SHA256

ce2b4e250ac3c32f7a265f1a444386a07ec96cbcbb43510734c37b0b9da011e9
SHA512

7c55f49c9a5f2cc0b7dfcf56cb7af1d4a9ba9186cbe34e3a2d43cd2013247500e043e8f13e28a0a42b40fa89c8f81c52546db9b6ef5b164e0f24b89c6996b2dd
SSDEEP

6144:mm8HFmf2Ee5apzeJ4DSY7Dh6LUr+nxQNBO0fS:GjEuuDC1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_f4de3d851eb7dd7c361282901a5fa088

Files

JaffaCakes118_f4de3d851eb7dd7c361282901a5fa088
.dll windows:4 windows x86 arch:x86

6edb7b49e7ce8702a069ef7ebf257bdc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualProtect
GetCurrentThread
lstrcmpA

version

VerInstallFileA
VerFindFileA

comdlg32

GetSaveFileNameA
CommDlgExtendedError

advapi32

LsaEnumerateAccountsWithUserRight
SystemFunction020

gdi32

GdiConvertBitmapV5
GetGlyphOutlineA
SetDIBits

gdiplus

GdipShearMatrix
GdiplusStartup
GdipMeasureCharacterRanges

oleacc

WindowFromAccessibleObject

msimg32

AlphaBlend

oledlg

OleUIUpdateLinksW

shell32

Shell_MergeMenus
SHChangeNotifyDeregister

winspool.drv

PrinterMessageBoxW
ExtDeviceMode
SetPortW
GetPrintProcessorDirectoryA

shlwapi

PathRemoveBackslashA
SHDeleteKeyW

comctl32

CreatePropertySheetPageW
GetEffectiveClientRect

imagehlp

SymGetSymFromAddr
SymGetModuleInfoW64

oleaut32

VarBoolFromUI8

ole32

CoRevokeMallocSpy
CoCopyProxy
DllGetClassObject

user32

BroadcastSystemMessageExW

Exports

Exports

GetClass

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatat
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6edb7b49e7ce8702a069ef7ebf257bdc

Headers

File Characteristics

Imports

kernel32

version

comdlg32

advapi32

gdi32

gdiplus

oleacc

msimg32

oledlg

shell32

winspool.drv

shlwapi

comctl32

imagehlp

oleaut32

ole32

user32

Exports

Exports

Sections

.text Size: 197KB - Virtual size: 196KB

.edata Size: 512B - Virtual size: 112B

.data Size: 24KB - Virtual size: 4KB

.data Size: 49KB - Virtual size: 48KB

.rdatat Size: 2KB - Virtual size: 1KB

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: 197KB - Virtual size: 196KB

.edata
Size: 512B - Virtual size: 112B

.data
Size: 24KB - Virtual size: 4KB

.data
Size: 49KB - Virtual size: 48KB

.rdatat
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 69KB - Virtual size: 68KB