20c572f49847d4533ef3d2d4ee47640a_JaffaCakes118

General

Target

20c572f49847d4533ef3d2d4ee47640a_JaffaCakes118
Size

159KB
MD5

20c572f49847d4533ef3d2d4ee47640a
SHA1

90e5468d00d09c8d8ba1a79a679af04c01eb15a2
SHA256

2fd97db177f2a81fc00502788165267af36f2606121e69d5f28eb04f9e6a89cd
SHA512

4d9689e078613e899b72f05edc7d3c8c82e7d7f4906d29508c4080e48031af9c233eb576638042d68a2923427693b546eb393434a6b698bd7297c0a5a9bf6124
SSDEEP

3072:pgAupNvZJ17oBSfUzWJM169h+56a1qIZMzdKUnBvGjmkwbU1hZy8cMbjTtcpnA14:yA4gSszAx/D2odKQADhlTti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20c572f49847d4533ef3d2d4ee47640a_JaffaCakes118

Files

20c572f49847d4533ef3d2d4ee47640a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e6c212999eb5abca16f731cd3bbe805a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FindResourceA
GetACP
GetCPInfo
GetCommandLineA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetStartupInfoA
HeapAlloc
HeapCreate
HeapSize
InterlockedDecrement
LoadResource
LockResource
MultiByteToWideChar
RtlUnwind
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
WaitForMultipleObjects

msvcrt

realloc
vswprintf
wcscmp
wcslen
time

user32

GetUserObjectSecurity
InvalidateRgn
DestroyWindow
wsprintfA
IsDlgButtonChecked
KillTimer
LoadImageA
MoveWindow
EnumChildWindows
EndDialog

oleaut32

RevokeActiveObject
OleTranslateColor
OleLoadPicturePath
ClearCustData
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroy
VarBstrCat
VarBstrCmp
SafeArrayAccessData

shlwapi

ChrCmpIA
PathCombineA
PathGetDriveNumberA
SHDeleteEmptyKeyA
SHDeleteValueA
SHEnumKeyExA
SHQueryInfoKeyA
StrRStrIA
StrSpnA
StrStrA

Exports

Exports

C_GetFunctionList
W32N_GetTimestampInformation

Sections

.text
Size: 101KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6c212999eb5abca16f731cd3bbe805a

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 192KB

.data Size: 55KB - Virtual size: 56KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 101KB - Virtual size: 192KB

.data
Size: 55KB - Virtual size: 56KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB