2ec82ef25264143f5f5ea0e7f2eada9b_JaffaCakes118

General

Target

2ec82ef25264143f5f5ea0e7f2eada9b_JaffaCakes118
Size

82KB
MD5

2ec82ef25264143f5f5ea0e7f2eada9b
SHA1

7a6ebf8e5ae1352d531cefdc0dc6cbee3a4be975
SHA256

279958ebc0c8cf2ccfd99fcc812f557d1a8d1a9e861c2a7b3db6215dd05d7621
SHA512

42cf6803e343f39734c7e3937c9e427c7aa0d6ce66096b105b59e7768700f3a860ad8c645f24baa3fdbd287b77e5e76478c9f0798e80ca2317cf946c4e65837d
SSDEEP

1536:A2D4sZACBegTgm9rklzuPj6X4P4ZokH/Buagcn5+oempQMcuWPnne2:Ai4sZAC0gTgmQyPDYpuagG+oempJcbe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ec82ef25264143f5f5ea0e7f2eada9b_JaffaCakes118

Files

2ec82ef25264143f5f5ea0e7f2eada9b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

184e9e2afad46824f830155fec795007

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
AddAtomA
OpenProfileUserMapping
MapViewOfFileEx
SearchPathA
CopyFileExA
GetCurrentDirectoryA
GetStringTypeExA
VirtualFree
GetFileType
GetFileTime
CreateEventA
GetProfileSectionW
OpenFileMappingW
GetPrivateProfileIntA
GetModuleHandleA
VirtualProtect
VirtualAlloc
CreateDirectoryExA
GetModuleHandleW
LoadLibraryA
ExitProcess

msvcrt

_pctype
_chdrive
_sys_errlist
??3@YAXPAX@Z
fabs
towupper
memcpy
_tolower
__p__osver
rename
abs
tanh
??0bad_cast@@QAE@ABV0@@Z
wcsftime
_statusfp
putwchar
is_wctype
getenv

comdlg32

CommDlgExtendedError
GetFileTitleA
ReplaceTextA
LoadAlterBitmap
GetSaveFileNameA
dwOKSubclass
GetFileTitleA

winmm

midiOutLongMsg
mciGetDeviceIDFromElementIDA
mmioCreateChunk
wid32Message
mciGetCreatorTask
joyReleaseCapture
wod32Message
mixerGetID
midiOutClose
midiInGetID
mixerOpen
midiOutGetDevCapsA
waveOutSetPitch
waveOutReset
mciFreeCommandResource
midiInReset
midiStreamPause

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

184e9e2afad46824f830155fec795007

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

comdlg32

winmm

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 18KB - Virtual size: 18KB

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 512B - Virtual size: 64B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 512B - Virtual size: 64B