339726543816bae7685548f15ec6aa0a_JaffaCakes118

General

Target

339726543816bae7685548f15ec6aa0a_JaffaCakes118
Size

163KB
MD5

339726543816bae7685548f15ec6aa0a
SHA1

7b5bd0ab9054e28bd5ff171cf879c83c20a74a5d
SHA256

45cf3399c6c254e2f2a5ab69f46455551820bf1f7fdb3d1031c79156c0592017
SHA512

1ab66055de10d3365e7d766abe306b785f3a5cb5546a1b6b83096b78740d395a8b12194a5a53bb06948b760700ffcdad56bcc9b1d03152fcea9d1c2523a921cf
SSDEEP

3072:UPNi/KfDMw9j14FOEsy/b5/rOiRK2mGQKds6XYr3U0GPh7y3YenMECxV3:wEMDMDTtjJRK2mGa6Xmk0GPJgnk3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
339726543816bae7685548f15ec6aa0a_JaffaCakes118

Files

339726543816bae7685548f15ec6aa0a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ef230874806ebe11b8048a34dd9c0006

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetUserDefaultLCID
MulDiv
GetLocalTime
GetStartupInfoA
VirtualProtect
VirtualQuery
GetTickCount
GetProcAddress
InterlockedIncrement
LoadLibraryA
IsDBCSLeadByte
GetVersionExA
Sleep
QueryPerformanceCounter
GetCurrentThreadId
VirtualAlloc
IsBadStringPtrA

user32

GetDC
IsWindowVisible
GetTitleBarInfo
GetAncestor
GetDlgItem
GetWindowContextHelpId
GetClientRect
IsCharLowerA
CopyIcon
GetWindowRgn
GetWindowDC
GetGUIThreadInfo
GetParent
GetDesktopWindow
IsChild
BlockInput
IsCharAlphaA

advapi32

AreAnyAccessesGranted
InitializeSecurityDescriptor
IsValidSecurityDescriptor
RevertToSelf

msvcrt

__mb_cur_max
_adjust_fdiv
malloc
_initterm
free
_memccpy
_ultoa
_set_error_mode
rand
_ltoa
_isctype
time
floor
_pctype

gdi32

GdiFlush
GetROP2
GetBkColor
GetBitmapDimensionEx

ole32

CoFileTimeNow

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef230874806ebe11b8048a34dd9c0006

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 66KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 66KB

.reloc
Size: 3KB - Virtual size: 2KB