33f695085586a1ef6f8d8937e68f0837_JaffaCakes118

General

Target

33f695085586a1ef6f8d8937e68f0837_JaffaCakes118
Size

64KB
MD5

33f695085586a1ef6f8d8937e68f0837
SHA1

0bc7584a89bf68134b82ca65cb3fedf487c4c677
SHA256

8395175fe8e82eb0df0b7c9beb8ce1dbabc02060c9d11ba85b8f2f704494bd96
SHA512

aba8d90124a44829c48702b6ed25ad920f18fe02a1fc91efff23dfc64fd0f2cc06a7582b8b9bfd817b6a027e1ed38143e1e37e233133a06adbce0b22e45ac068
SSDEEP

1536:FcwRmMYhimKPXAjlF+LgEwM8eMxA/uRXkSTWyOBKtFZq8O:qw7YhimqXEv+LglZMgUSw0m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33f695085586a1ef6f8d8937e68f0837_JaffaCakes118

Files

33f695085586a1ef6f8d8937e68f0837_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6c997ce2516df5144368eb36ca2d512e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DispatchMessageA
DestroyIcon
CreateMenu
CreateIconFromResource
CreateDialogParamA
CreateDesktopW
CreateCursor
CreateAcceleratorTableA
CharUpperA
CharToOemA
CharLowerA
BeginPaint
ActivateKeyboardLayout

kernel32

GetPrivateProfileStringA
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
VirtualFree
UnmapViewOfFile
TlsGetValue
TlsFree
ReadFile
OpenFile
MapViewOfFile
LocalAlloc
LoadResource
CompareStringA
EnterCriticalSection
FindResourceA
GetDateFormatA
GetFileSize
GetSystemTime
GetSystemTimeAsFileTime
GetVersionExA
LeaveCriticalSection

Exports

Exports

DllCanUnloadNow
DllGetClassObject
a

Sections

.text
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data0
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c997ce2516df5144368eb36ca2d512e

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 104KB

.data Size: 54KB - Virtual size: 56KB

.rsrc Size: 2KB - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.data0 Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 544B

.text
Size: 1024B - Virtual size: 104KB

.data
Size: 54KB - Virtual size: 56KB

.rsrc
Size: 2KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.data0
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 544B