83392ae14339814ba883ce0cedc18a03_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83392ae14339814ba883ce0cedc18a03_JaffaCakes118
Size

29KB
MD5

83392ae14339814ba883ce0cedc18a03
SHA1

5cbad4f359eea4c8abdf4cbf255987176d72fecb
SHA256

4379ae78de905bd90804f04cf41c73e720aace2a2b0ea47801b40b2ccef63651
SHA512

5b7c55fe88defb5ca556ee07da3861153c4ed26ff23269790af61a8feb379029e2bb8956bed0597681a53d24b20ab081a554fdeb4e0a0078c868ca853ce73640
SSDEEP

384:TCyJ2UBZE+u49b6t97jy7NSAJkDnX/HDZKvKAD5wTLcIQiD4fhxfLpfAQ9+naJEl:YGb6blAYnPDcvKAdALqikLLBAl6dWP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83392ae14339814ba883ce0cedc18a03_JaffaCakes118

Files

83392ae14339814ba883ce0cedc18a03_JaffaCakes118
.dll windows:1 windows x86 arch:x86

bb50a1d1e398116480818f51989d98b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperBuffA
LoadStringA
MessageBoxA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetConsoleCtrlHandler
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcpyA

gregor

CalfltAbsoluteFromForeign_

Exports

Exports

HoliGetHolidayNameOfADay_
HoliGetInfo_

Sections

AUTO
Size: 19KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb50a1d1e398116480818f51989d98b6

Headers

File Characteristics

Imports

user32

kernel32

gregor

Exports

Exports

Sections

AUTO Size: 19KB - Virtual size:

.idata Size: 2KB - Virtual size:

DGROUP Size: 3KB - Virtual size:

.bss Size: 5KB - Virtual size:

.edata Size: 512B - Virtual size:

.reloc Size: 2KB - Virtual size:

.rsrc Size: 1KB - Virtual size:

AUTO
Size: 19KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 3KB - Virtual size:

.bss
Size: 5KB - Virtual size:

.edata
Size: 512B - Virtual size:

.reloc
Size: 2KB - Virtual size:

.rsrc
Size: 1KB - Virtual size: