0bb32b3e9aac598f52cce60452814b47_JaffaCakes118

General

Target

0bb32b3e9aac598f52cce60452814b47_JaffaCakes118
Size

63KB
MD5

0bb32b3e9aac598f52cce60452814b47
SHA1

88b12036f116fe3d0e7ded2d3b159a7f2bdf6568
SHA256

ddf8c2252464869ddf8446f3d0fb79b7d20adc9ee4b7c04e7546514b86dd95f4
SHA512

596f95671df72d0038a41b98842ebcaf8b63a4b45f84a0f15b156549cf9d4e0fd4df6e6ed915cdfa194ac059b9fc39ea95a7daa6ef11e55ddf5ccd518cd09ce5
SSDEEP

1536:VxnDDQaWTHu/IO3g1frkJBEM3qEVXdYJVqbgxUDup58UBBYeEg:3HQaWTlBrkTEM3q2dYDqbge45bB6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bb32b3e9aac598f52cce60452814b47_JaffaCakes118

Files

0bb32b3e9aac598f52cce60452814b47_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9cc36e60e9ce4fca8ac5d336e30df032

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryA
GetCurrentDirectoryW
LoadLibraryA
OpenJobObjectW
DisableThreadLibraryCalls
GetWindowsDirectoryA
GetLastError
IsDBCSLeadByte
RaiseException
CreateDirectoryW
VirtualAlloc
GetModuleHandleA
LocalHandle
ExitProcess
MoveFileA
GetSystemDirectoryA
OutputDebugStringA
VirtualProtect
CloseHandle
WritePrivateProfileStringW
CopyFileA
FindAtomA
LocalReAlloc

msvcrt

_wstat
realloc
getc
_mbbtombc
isxdigit
_wpgmptr
_ismbblead
isupper
memcpy
sprintf
_getpid
iswalpha
fscanf
_fmode
__p__winmajor
_ismbcgraph
gmtime
wcscoll
memchr
??1bad_typeid@@UAE@XZ
_wrmdir
_wutime64

user32

LoadStringA
IsDialogMessageW
SetClassLongW
GetWindowLongW
CopyRect
LoadAcceleratorsW
SetCursor
GetClipboardData
GetParent
FillRect
OffsetRect
OpenClipboard
EndDialog
ModifyMenuA
LoadCursorFromFileA
EnableWindow
GetSubMenu
SetFocus

gdi32

CreateRectRgn
LineTo
GetNearestColor
SetRectRgn
Polygon
SetStretchBltMode
SetPaletteEntries
SetTextColor
GetObjectW
GetNearestPaletteIndex

Exports

Exports

UhzDwceNxupvhgDwxnxzVt
HjJnpg
HpNlhjakQezgwFpqwhkZt
WvqbogKlkdbuHrhqedm
VjakjxOgmpLlynxiHs

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cc36e60e9ce4fca8ac5d336e30df032

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 13KB - Virtual size: 12KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 512B - Virtual size: 62B