5d1acece864918cd32674b53b03b2782_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5d1acece864918cd32674b53b03b2782_JaffaCakes118
Size

1.2MB
MD5

5d1acece864918cd32674b53b03b2782
SHA1

63818c48ec06eb1844c8a40bf931059664ec7473
SHA256

277cfe89b173e55243afc85867c0ccdf81b40800db1f16499c09544981a9ecfe
SHA512

d5024bb54815dc3162cda4bc5bfe81d8edc9f9356ee99de35ff17f01492c5e69026cc9ac31611719283b0e1ec3209501669b4b543ce4e6a9c275ca81b93845fa
SSDEEP

24576:vyTonNVlKTt/Q5ECvVP7hpJMvjtKpvPf9+m6kLRqgSyI:vyWRKTt/QlPVp3h9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

5d1acece864918cd32674b53b03b2782_JaffaCakes118

resource
5d1acece864918cd32674b53b03b2782_JaffaCakes118

Files

5d1acece864918cd32674b53b03b2782_JaffaCakes118
.dll windows:5 windows x64 arch:x64

687efd2fbde0f23e458ecdcacb3fde47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

InsertMenuW
DrawIconEx
DrawStateW
DrawTextW

gdi32

GetCharWidthW
GetSystemPaletteEntries
GetTextExtentExPointI
GetCharWidth32A
GetViewportOrgEx
DeleteEnhMetaFile
GetWindowExtEx

kernel32

FreeResource
FillConsoleOutputCharacterA
DeleteTimerQueueTimer
GetThreadId
LoadLibraryA
lstrcmpiW
GetPrivateProfileStringW
GetCurrentThread
GlobalDeleteAtom
VirtualAlloc
DebugActiveProcess
GetCommProperties
ConvertDefaultLocale
GetNLSVersion
GetLastError
GetThreadTimes
GetEnvironmentStringsW

advapi32

GetSecurityDescriptorSacl
LookupAccountSidA
DecryptFileW
DeregisterEventSource

comdlg32

GetFileTitleW

Exports

Exports

CreateXmlReader
CreateXmlReaderInputWithEncodingCodePage
CreateXmlReaderInputWithEncodingName
CreateXmlWriter
CreateXmlWriterOutputWithEncodingCodePage
CreateXmlWriterOutputWithEncodingName

Sections

.text
Size: 911KB - Virtual size: 911KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 591B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

687efd2fbde0f23e458ecdcacb3fde47

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 911KB - Virtual size: 911KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 65KB - Virtual size: 65KB

.pdata Size: 512B - Virtual size: 312B

.rsrc Size: 1024B - Virtual size: 976B

.reloc Size: 1024B - Virtual size: 591B

Size: 2KB - Virtual size: 1KB

Size: 206KB - Virtual size: 205KB

Size: 512B - Virtual size: 503B

Size: 512B - Virtual size: 318B

.text
Size: 911KB - Virtual size: 911KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 65KB - Virtual size: 65KB

.pdata
Size: 512B - Virtual size: 312B

.rsrc
Size: 1024B - Virtual size: 976B

.reloc
Size: 1024B - Virtual size: 591B