JaffaCakes118_4d27d809fa2ee20883e49e8bdc9d2150

General

Target

JaffaCakes118_4d27d809fa2ee20883e49e8bdc9d2150
Size

912KB
MD5

4d27d809fa2ee20883e49e8bdc9d2150
SHA1

64d216af04a3043fb817f848fbc97be62fe15958
SHA256

f4cc9e1e3dd233cd9fc38f14524787fa9cb15630a68351f33de9c9087eebb44d
SHA512

d19e405214f8bc2a7eecb80bc46061b8cb7fd0e362667745f44285babd1452e427130accd6921cacef920656762160602cd8fdb7c1634db67d50fd14a00fd51e
SSDEEP

24576:wEJ17LwBnlm+jSyMhLvhoqQ5gJFCcEwIxSOlgfo:hJ1IQQSFhLezqFGwIxRg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4d27d809fa2ee20883e49e8bdc9d2150

Files

JaffaCakes118_4d27d809fa2ee20883e49e8bdc9d2150
.dll windows:4 windows x86 arch:x86

3c5a28a1c3bbad9889fcb22b2127e39f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetProcAddress
lstrcpynA
LockResource
LoadResource
SizeofResource
FindResourceA
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
GetTempPathA
GetLastError
CreateMutexA
lstrcmpiA
GetModuleFileNameA
WaitForSingleObject
GetTickCount
GetLogicalDrives
FindClose
FindNextFileA
SetFileAttributesA
CopyFileA
GetFileAttributesA
FindFirstFileA
lstrcpyA
WaitForMultipleObjects
TerminateThread
ResumeThread
SetThreadPriority
CreateThread
FreeLibrary
SetEvent
CreateEventA
DisableThreadLibraryCalls
LoadLibraryA
lstrcatA
GetSystemDirectoryA
LocalAlloc
InterlockedExchange
RaiseException

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

111
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 903KB - Virtual size: 903KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c5a28a1c3bbad9889fcb22b2127e39f

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

111 Size: 2KB - Virtual size: 2KB

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 744B

.rsrc Size: 903KB - Virtual size: 903KB

.reloc Size: 1024B - Virtual size: 638B

111
Size: 2KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 744B

.rsrc
Size: 903KB - Virtual size: 903KB

.reloc
Size: 1024B - Virtual size: 638B