37c085ebd7e0e70176adbae38a9d1785_JaffaCakes118

General

Target

37c085ebd7e0e70176adbae38a9d1785_JaffaCakes118
Size

48KB
MD5

37c085ebd7e0e70176adbae38a9d1785
SHA1

54c267a09d8385527b3d757478ca6cc11c36dfc5
SHA256

c9533245191002b6aed2f240191d27e2e4b0b27f6a0aa4b39c08f3dc50144902
SHA512

db476d21c43d7a5ffa48ad4539c74e7b8e9102e903c0e246853e9da83b071994cee23d9ee54018b8bde6eded66fa428040aa2f08ece1235c2181502dee9bab2c
SSDEEP

768:AG/pvZPBZIAERdi5xgsTyLDU7Qro1xJc3T6QSXJ98aJMLxZsiLD0DHTcA:AQvZPB5E+ngsTy3zr0Jc3Y859SiAcA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37c085ebd7e0e70176adbae38a9d1785_JaffaCakes118

Files

37c085ebd7e0e70176adbae38a9d1785_JaffaCakes118
.dll windows:8 windows x86 arch:x86

12e14894fe4daa487313f6675ad52a3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SleepEx
ConnectNamedPipe
OpenThread
GetFileAttributesA
WaitForMultipleObjects
SetThreadPriorityBoost
HeapFree
GetFileTime
WriteFile
SetFilePointer
VirtualQuery
IsProcessorFeaturePresent
HeapCreate
HeapSize
RtlMoveMemory
CreateFileA
HeapDestroy
GetNamedPipeInfo
SetFirmwareEnvironmentVariableA
CreateEventA
FileTimeToLocalFileTime
ExitProcess
MapViewOfFileEx
ReadFile
UnmapViewOfFile
DisconnectNamedPipe
HeapAlloc
RtlFillMemory
CreateFileMappingA

dssedusx

PathIsSlowA
DllUnregisterServer
CallCPLEntry16
ILFindLastID
ImmGetHotKey
_ui64toa
ImmGetImeMenuItemsA
PifMgr_OpenProperties
ImmSetStatusWindowPos
_strlwr
iswctype
wcscspn
ImmDisableTextFrameService
wcscmp
ImmFreeLayout
_atoi64
ispunct
ImmTranslateMessage
OpenRegStream
islower
CtfImmRestoreToolbarWnd
ImmGetStatusWindowPos
iscntrl

Exports

Exports

CreateProcessNotify
appizard

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12e14894fe4daa487313f6675ad52a3c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

dssedusx

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 36KB - Virtual size: 40KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 6KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 36KB - Virtual size: 40KB

.reloc
Size: 512B - Virtual size: 4KB