3272a77e57249cb5ca0f14130d569201_JaffaCakes118

General

Target

3272a77e57249cb5ca0f14130d569201_JaffaCakes118
Size

49KB
MD5

3272a77e57249cb5ca0f14130d569201
SHA1

ae7a84c48e2c29f7469639c9def056fc0ca6537f
SHA256

311f54a84facbc7947883a4f09634c32dacd9908a5d90842338cbc7cc04cfa0e
SHA512

e5a18f28c5d8c65242f181ffef99c91c69d74b21ff8b047fcb369dc8659f5b46dc6c27196a7b0de2eb0ed2d90663b65952202d6e3000e237972438cc9d1b3946
SSDEEP

1536:ybZcIkkgIJDWAd7una6coux8j6cp7XxB5:ScmRDWPna4buc1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3272a77e57249cb5ca0f14130d569201_JaffaCakes118

Files

3272a77e57249cb5ca0f14130d569201_JaffaCakes118
.dll windows:8 windows x86 arch:x86

264b0647d918e0a452911e6de03f8d83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForMultipleObjects
CreateFileA
UnmapViewOfFile
ReadFile
SleepEx
CreateFileMappingA
CreateIoCompletionPort
IsProcessorFeaturePresent
DeleteFileA
OpenThread
VirtualQuery
SetThreadLocale
SetFilePointer
SwitchToThread
CreateEventA
HeapFree
ExitProcess
MapViewOfFileEx
HeapAlloc
GetStringTypeA

atmpp60d

_CIlog
DllRegisterServer
ImmGetDescriptionA
PathProcessCommand
wcslen
ImmSystemHandler
ImmGetOpenStatus
ImmEscapeA
_wcsnicmp
_wtoi
ImmDisableTextFrameService
atoi
ExtractIconResInfoA
RestartDialog
towlower
DAD_AutoScroll
ExtractIconEx
_memccpy
DllGetVersion
CtfImmIsCiceroStartedInThread

Exports

Exports

CreateProcessNotify
dpnsnify

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

264b0647d918e0a452911e6de03f8d83

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

atmpp60d

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 36KB - Virtual size: 40KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 36KB - Virtual size: 40KB

.reloc
Size: 512B - Virtual size: 4KB