287767f1d2e178785410a332ec28bb84_JaffaCakes118

General

Target

287767f1d2e178785410a332ec28bb84_JaffaCakes118
Size

16KB
MD5

287767f1d2e178785410a332ec28bb84
SHA1

ed3f9093d40c9fcb2ffa85067701b9f2aa4f08d6
SHA256

cdc3a00431358273dae22f4045730651db82a52822d93ceac81188cce1d52033
SHA512

4d8c10b8bf938feb8a2e9dc2e169a6d85c8368e7520af45ec332edc41818f7e40803988be2ed57db59999b79f0bc0f052177b9154217b40c4496051ac562d716
SSDEEP

384:baDLgcvCUVkFmWVSi42/QxLVkIrN77nGZITy2uuQA+CewzCgfQ26gbw/0ivK3UYt:b0gcvgFN/J/ykIrN7nGZITyW7zCyQ266

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
287767f1d2e178785410a332ec28bb84_JaffaCakes118

Files

287767f1d2e178785410a332ec28bb84_JaffaCakes118
.dll windows:4 windows x86 arch:x86

59351493c8b59f3f2439343146906dbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
OpenProcess
WaitForSingleObject
CreateRemoteThread
FreeLibrary
GetVersion
Sleep
GetWindowsDirectoryA
DeleteFileA
WinExec
GetTickCount
GetTempPathA
Process32First
CreateMutexA
CreateThread
ExitProcess
DisableThreadLibraryCalls
GetModuleFileNameA
lstrcatA
GetSystemDirectoryA
SetFileAttributesA
CopyFileA
FindClose
FindNextFileA
FindFirstFileA
GetDriveTypeA
Process32Next
GetCurrentProcess
GetLastError
CloseHandle

user32

wsprintfA
MessageBoxA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

msvcrt

_strlwr
strcpy
strncmp
strlen
strtoul
isdigit
sprintf
rand
srand
time
fputs
fopen
strcat
fclose
fscanf
memcpy
strstr
strcmp
memset
free
_initterm
malloc
_adjust_fdiv

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak
viceTypeF

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59351493c8b59f3f2439343146906dbc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

wininet

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 436B

.text
Size: 7KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 436B