187ed877f1c88762848ac00d6b65e7e0_JaffaCakes118

General

Target

187ed877f1c88762848ac00d6b65e7e0_JaffaCakes118
Size

280KB
MD5

187ed877f1c88762848ac00d6b65e7e0
SHA1

cfa6923d4ea0a8dad792cc57da66ea480840a921
SHA256

9a9c80eed4154a7a290a9882524f7b92dbb12ca2bee42be81626021c5046eddb
SHA512

b39445a0db75a87d646a4f2c477598bea6bd34c72a0894f538083d625e7dd89717a2ba54dca06ab81e21f38564a377037fc55fac328ea9c6ea8975d2b67d308f
SSDEEP

3072:GowiTBW3Si3EwjdY3LE6vDrDwK9p5vDlk1eDUKS/4OQfWs6f0DybpDamMdQFShkw:ljW3S+dkDrDeg7XOZ0WtumM6kT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
187ed877f1c88762848ac00d6b65e7e0_JaffaCakes118

Files

187ed877f1c88762848ac00d6b65e7e0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cbd51bd71043d7e672e6a17dc9c90728

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DispatchMessageA
GetMessageA
PostMessageA
PostThreadMessageA
PeekMessageA

msvcrt

_stricmp
strncpy
isupper
tolower
__dllonexit
realloc
_adjust_fdiv
strrchr
??3@YAXPAX@Z
_purecall
calloc
strchr
_ftol
toupper
_putenv
_vsnprintf
atol
_endthreadex
_beginthreadex
memchr
malloc
memmove
free
_onexit
_initterm
??2@YAPAXI@Z

kernel32

DisableThreadLibraryCalls
ResetEvent
SetThreadPriority
ResumeThread
GetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
SuspendThread
CloseHandle
WaitForSingleObject
Sleep
GetLastError
InitializeCriticalSection
GetCurrentThreadId
CreateEventA
SetEvent
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount

ole32

CoInitializeEx
CoUninitialize

Exports

Exports

CanUnload
CanUnload2
RMACreateInstance
SetDLLAccessPath

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbd51bd71043d7e672e6a17dc9c90728

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

ole32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 180KB - Virtual size: 178KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 180KB - Virtual size: 178KB

.reloc
Size: 4KB - Virtual size: 3KB