186c8623548a57082f1677711f5a5d53_JaffaCakes118

General

Target

186c8623548a57082f1677711f5a5d53_JaffaCakes118
Size

29KB
MD5

186c8623548a57082f1677711f5a5d53
SHA1

63c6687612d87d91450c9cd153736ef0d774ccc8
SHA256

f3054bb17032443275eea0ae552efd853ba3f3da5ed7984597a3d3927b0a8eec
SHA512

11ecd7709462a48133312605f900832f0493a6890c0c58888829e4d8fbeb118f9d2235e6cf64ed21027bc66f77fa4affda450d89ac4f6b600c8249fa07f9a48d
SSDEEP

384:raLy2W8wU89cXq0X3OC2LqWRmcHKv9RsXwG/UJ8asIB5fN4cN/Wa4UdZt/wapoy6:u2P8c9cam3ja5SVRYB/8v3gGHzo+cmM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
186c8623548a57082f1677711f5a5d53_JaffaCakes118

Files

186c8623548a57082f1677711f5a5d53_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7f1e4f1ec9e337450d7880773f5fa3e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
MulDiv
GetLocalTime
GetProcAddress
VirtualProtect
DosDateTimeToFileTime
GetModuleFileNameA
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
GetACP
LoadLibraryA
GetVersionExA
Sleep
IsDebuggerPresent
GetComputerNameA
IsBadWritePtr
VirtualAlloc

user32

GetTopWindow
GetWindow
GetTitleBarInfo
CopyIcon
WindowFromDC
IsClipboardFormatAvailable
GetCursor
GetMenuContextHelpId
GetWindowContextHelpId
GetWindowTextLengthA
IsIconic
GetGUIThreadInfo
GetWindowPlacement
IsChild
IsMenu
BlockInput
GetWindowRgn
GetWindowTextA
GetWindowDC

advapi32

GetUserNameA
IsValidAcl
InitializeSecurityDescriptor
IsValidSecurityDescriptor
RevertToSelf

msvcrt

_CIfmod
_itoa
__doserrno
_adjust_fdiv
malloc
_initterm
free
memchr
srand
_set_error_mode
_CIacos
time
localeconv
_pctype
_isctype
__mb_cur_max
modf
_errno
ldiv

gdi32

GetPixel
GetBkColor
GetBkMode
GetBitmapDimensionEx
GetStretchBltMode

ole32

CoGetCurrentProcess
CoDosDateTimeToFileTime
CoRevertToSelf

shell32

ord680
ord524

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f1e4f1ec9e337450d7880773f5fa3e9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 67KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 67KB

.reloc
Size: 3KB - Virtual size: 2KB