15adec0564b12efc1c11da32ad159ecf_JaffaCakes118

General

Target

15adec0564b12efc1c11da32ad159ecf_JaffaCakes118
Size

51KB
MD5

15adec0564b12efc1c11da32ad159ecf
SHA1

a27bf5b14fe2ef1c5e31eda674944b402ee0906a
SHA256

7b46777db6d8cbd0dae5d9fc39a148f55cdc028b095983f17f81c195fe800eb6
SHA512

ebbca3151ffdd324be92efe1fcbc53fac1dcc5dbbe7998c6f97e8289ab406d7c4c2f1dc09b84ea60db52f0273efcaffd863f29f05d257626bbfc1f6fe72d5fee
SSDEEP

768:7Uzs3YTKTQOpga0JuaHT5wv7Gp0SZaBWVz/5CEaNFBTFOfoOHQu8qO6BBTKKYsRQ:YzzuKT5wvCpbZ5XC/Bhw9H1G6XT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15adec0564b12efc1c11da32ad159ecf_JaffaCakes118

Files

15adec0564b12efc1c11da32ad159ecf_JaffaCakes118
.dll windows:6 windows x86 arch:x86

e8f203bd8f2411dd938aad53a603becd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

initprui

Options_RunDLLA
ImmWINNLSEnableIME
ImmGetConversionListA
strtoul
Control_RunDLL
_vsnwprintf
strtol
DAD_ShowDragImage
ImmReleaseContext
ILGetSize
memmove
ImmSetStatusWindowPos
ImmActivateLayout
_strupr
ILCloneFirst
DragQueryFile
mbstowcs
wcsstr
ImmSendIMEMessageExA
_itow
wcsncpy
PathIsExe
ExtractIconExA
DragFinish
ILCreateFromPath
ILLoadFromStream
ImmGetIMCCLockCount
ImmLoadIME
ImmFreeLayout

kernel32

ExitProcess
MapViewOfFile
MapViewOfFileEx
UnmapViewOfFile
InterlockedDecrement
CreateFileMappingA
OpenThread
IsProcessorFeaturePresent
VirtualQuery
SleepEx
WaitForMultipleObjects
CreateEventA
GetThreadSelectorEntry
InitializeCriticalSection
EnterCriticalSection
ReadFile
InterlockedExchangeAdd
SetFilePointer
LeaveCriticalSection
GetThreadPriority
InterlockedIncrement
ReadFileScatter
SetThreadPriority
CreateFileA

Exports

Exports

CreateProcessNotify
clipstrt

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8f203bd8f2411dd938aad53a603becd

Headers

File Characteristics

Imports

initprui

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 4KB