eb66b2d74f39a387a2d9ad0b8ca3c5a7_JaffaCakes118

General

Target

eb66b2d74f39a387a2d9ad0b8ca3c5a7_JaffaCakes118
Size

25KB
MD5

eb66b2d74f39a387a2d9ad0b8ca3c5a7
SHA1

1a98bee7c991a41a0b2fd1b501e7e8e268e836dd
SHA256

e7c27e3b8d4280a0de5d3cdcf8582f3ad1595e180aec7924d0629e6b499bf742
SHA512

a0fc2d5614bb4bccfb04dced6e15652caecffeb60eb4ffea6adfe5372d389f7c95bdba9dd6fc3a1e050be6a2b4b8f114abcb0d168ed8b1acd5fbdafc4c9e496e
SSDEEP

384:yRGPUWyJBvNNxIh3GTaJJ9GYbEIDH6fxuuMYQA8TZC38UvTsbi63V83:L+BvO22t/eJff0gMCTkDlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb66b2d74f39a387a2d9ad0b8ca3c5a7_JaffaCakes118

Files

eb66b2d74f39a387a2d9ad0b8ca3c5a7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2bde6ce955326a0fc448449a2c555155

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsDBCSLeadByte
LoadLibraryA
InterlockedIncrement
InterlockedExchange
GetProcAddress
GetACP
GetUserDefaultLCID
GetLocalTime
VirtualAlloc
VirtualProtect
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
SetLastError
GetLastError
IsBadReadPtr
GetCurrentThreadId
GetCurrentProcess
IsBadStringPtrA
IsBadCodePtr
GetStartupInfoA

user32

GetCursor
GetWindowContextHelpId
GetWindowTextLengthA
IsCharAlphaNumericA
IsCharAlphaA
GetWindowDC
GetDC
WindowFromDC
GetForegroundWindow
CopyIcon
GetWindow
GetWindowInfo
IsZoomed
IsIconic
GetDesktopWindow
IsMenu
GetClientRect

advapi32

RevertToSelf
IsValidSid
AreAnyAccessesGranted
IsValidAcl
InitializeSecurityDescriptor

msvcrt

_initterm
free
_memicmp
__doserrno
_ultoa
srand
rand
malloc
_adjust_fdiv
__mb_cur_max
modf
_hypot
localeconv
_pctype
_isctype
_ltoa

gdi32

GetBkMode
GdiFlush
GdiGetBatchLimit
GetStretchBltMode

shell32

ord680

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bde6ce955326a0fc448449a2c555155

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

shell32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 69KB - Virtual size: 69KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 69KB - Virtual size: 69KB

.reloc
Size: 3KB - Virtual size: 2KB