f0ad79cce1e1d3003e21176a57df17a5_JaffaCakes118

General

Target

f0ad79cce1e1d3003e21176a57df17a5_JaffaCakes118
Size

57KB
MD5

f0ad79cce1e1d3003e21176a57df17a5
SHA1

2e6852e4e05c7d60b9e33e6af10ae4a98eba04d6
SHA256

f287d6fc4c1434b45afb274828d52164b07f88d06565aebc28a3a5ad9a96d79e
SHA512

c1a389a553714abf2d04fcd747e742695038efe3511b7cd387100407985065716540e4bd60414a6f85c08672e47c0ace3a6b1f495f981b7ad1c854b3a7d6908e
SSDEEP

1536:0iQhs0NNgIJtniVkxbOnTG6j2V1czcOH8/2ejcxV+j0H:0ikt8IQnTG6j2Vccb2ejoMjy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0ad79cce1e1d3003e21176a57df17a5_JaffaCakes118

Files

f0ad79cce1e1d3003e21176a57df17a5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

97dd0b67a470626fc489bd65c613054b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
IsDBCSLeadByte
LoadLibraryA
InterlockedIncrement
InterlockedExchange
Sleep
GetSystemTimeAsFileTime
VirtualAlloc
VirtualProtect
DosDateTimeToFileTime
IsDebuggerPresent
GetComputerNameA
IsBadReadPtr
GetCurrentProcess
GetProcAddress
GetProcessHeap

user32

GetGUIThreadInfo
GetLastActivePopup
GetCursor
GetMenuContextHelpId
GetWindowContextHelpId
GetWindowRect
IsCharUpperA
IsCharAlphaA
GetWindowRgn
GetWindowDC
GetParent
GetWindowPlacement
IsMenu
InSendMessage
GetAncestor
GetDlgItem
CopyIcon
WindowFromDC
GetWindow

advapi32

RevertToSelf

msvcrt

__doserrno
div
_errno
_hypot
__mb_cur_max
_adjust_fdiv
malloc
_initterm
free
memmove
_memicmp
_swab
_CIacos
floor
ceil
frexp
localeconv
_pctype
_isctype
_itoa

gdi32

GetStretchBltMode
GetBkColor
GdiFlush

ole32

CoDosDateTimeToFileTime
CoRevertToSelf

shell32

ord680
DuplicateIcon
ord66
ord524

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97dd0b67a470626fc489bd65c613054b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 66KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 66KB

.reloc
Size: 3KB - Virtual size: 2KB