35321b50c06b93c525a33fa2ca188ad1_JaffaCakes118

General

Target

35321b50c06b93c525a33fa2ca188ad1_JaffaCakes118
Size

37KB
MD5

35321b50c06b93c525a33fa2ca188ad1
SHA1

c660e79fe6b4e9f9a21ff3a9bbe8493c0501b2d7
SHA256

4bf6512cbd674c19e06a38e54da1619e00be36360e44ffcc6a9c0ee7840aaaa2
SHA512

62e99ce6bdb92da407456ee5b15c6ff06ffe16280f2709f4015192dc611cbfd081af11dcfdd0adb92f17ba8b3e92b9837541812ebc87e41949e60e2c083996ba
SSDEEP

384:smm13gRi3pt3Z1vlNy8IhM7ie+53H2W1V8yc9cz94JH4oQ2+tss+t57Z7d8:Igcn3Z1vfy8OM7GB1YcvP2VsCZ7d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35321b50c06b93c525a33fa2ca188ad1_JaffaCakes118

Files

35321b50c06b93c525a33fa2ca188ad1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5f9bfd2df43f89f3b69b243e2fd02b75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempPathA
GetPrivateProfileStringA
GetProcAddress
IsBadReadPtr
CreateEventA
OpenEventA
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
CloseHandle
SetEvent
GetTickCount
GetFileSize
ReadFile
SetFilePointer
CreateFileA
WriteFile
HeapAlloc
GetProcessHeap
VirtualProtect
DeleteFileA
GetModuleHandleA
LoadLibraryW
MultiByteToWideChar
LoadLibraryA
lstrcatA
CreateThread
Sleep
ExitProcess

user32

BroadcastSystemMessageA
SetWindowsHookExA
CallNextHookEx
wvsprintfA

msvcrt

_strnicmp
_strcmpi
_except_handler3
free
sprintf
atoi
strncpy
isdigit
isalpha
_strupr
rand
srand
malloc
strrchr
_itoa
realloc
strstr
_strlwr
_initterm
_adjust_fdiv

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vmp0
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f9bfd2df43f89f3b69b243e2fd02b75

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 402KB

vmp0 Size: 512B - Virtual size: 1B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 402KB

vmp0
Size: 512B - Virtual size: 1B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 3KB - Virtual size: 2KB