14e0e30a5fcad29b49c855e172ca821b_JaffaCakes118

General

Target

14e0e30a5fcad29b49c855e172ca821b_JaffaCakes118
Size

1.2MB
MD5

14e0e30a5fcad29b49c855e172ca821b
SHA1

426bcf118ff307b29c7358ae95d226a2cec898f5
SHA256

23fae67a7008e89d6eaa9f9b16a477d1f4ad1f0ef45383dd8207ec20739104db
SHA512

db6509d90d49104cd6c4f8b3103d0bacfc3759cbe01f4f3121282e7685aad786f7fe99b90e425fe3dab99f82ade321dd6e1cb839869c0ec7e42a719d4f7db1a2
SSDEEP

12288:wEMDMDtJRK2mUWGJgnkxGJgnkH/S1LaYeQEW7TENH5S4JXc:wtko2mkGnkUGnk89eQERN1Js

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14e0e30a5fcad29b49c855e172ca821b_JaffaCakes118

Files

14e0e30a5fcad29b49c855e172ca821b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ef230874806ebe11b8048a34dd9c0006

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetUserDefaultLCID
MulDiv
GetLocalTime
GetStartupInfoA
VirtualProtect
VirtualQuery
GetTickCount
GetProcAddress
InterlockedIncrement
LoadLibraryA
IsDBCSLeadByte
GetVersionExA
Sleep
QueryPerformanceCounter
GetCurrentThreadId
VirtualAlloc
IsBadStringPtrA

user32

GetDC
IsWindowVisible
GetTitleBarInfo
GetAncestor
GetDlgItem
GetWindowContextHelpId
GetClientRect
IsCharLowerA
CopyIcon
GetWindowRgn
GetWindowDC
GetGUIThreadInfo
GetParent
GetDesktopWindow
IsChild
BlockInput
IsCharAlphaA

advapi32

AreAnyAccessesGranted
InitializeSecurityDescriptor
IsValidSecurityDescriptor
RevertToSelf

msvcrt

__mb_cur_max
_adjust_fdiv
malloc
_initterm
free
_memccpy
_ultoa
_set_error_mode
rand
_ltoa
_isctype
time
floor
_pctype

gdi32

GdiFlush
GetROP2
GetBkColor
GetBitmapDimensionEx

ole32

CoFileTimeNow

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef230874806ebe11b8048a34dd9c0006

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 66KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 66KB

.reloc
Size: 3KB - Virtual size: 2KB