8c652ea882d61c489f0bdb5979786985_JaffaCakes118

General

Target

8c652ea882d61c489f0bdb5979786985_JaffaCakes118
Size

176KB
MD5

8c652ea882d61c489f0bdb5979786985
SHA1

06dc270e67407b24763dcd1bd66dad1f5937c10e
SHA256

7023bbef76fe7450b8e800814337975df651871abb45487c361898d0a06eb8f9
SHA512

f9c8c41618fd20158fc13283aef2d2f2a3067234217f0aa5c18baf8ef8ce9990a133ac2d78f7b028c8263c9a4c215c43a191eb672322812158a7e04d98e4b7a9
SSDEEP

3072:FPf9vs86twbBZi2hXV9qPxhCBxLJPLrd138cL3oUS9EiHaFlIGW5:Zf9vD66bBZhl9kX0ld1scL29E1FOZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c652ea882d61c489f0bdb5979786985_JaffaCakes118

Files

8c652ea882d61c489f0bdb5979786985_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5294d616622207a9e21f59f764e5b0fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
FileTimeToLocalFileTime
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetStartupInfoA
GetVersion
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
HeapSize
InterlockedExchange
MultiByteToWideChar
RtlUnwind
SetEnvironmentVariableA
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
VirtualAlloc
WideCharToMultiByte

msvcrt

srand
strpbrk
strspn
swscanf
__getmainargs
__p__commode
exit
rand
realloc
__set_app_type

user32

GetSystemMetrics
IsIconic
SetWindowPlacement
DrawTextA

winmm

joyGetNumDevs
joyGetDevCapsA
joySetThreshold
joyReleaseCapture
joySetCapture

ole32

CoTaskMemAlloc
CoCreateInstance
CoBuildVersion
CLSIDFromString

shlwapi

StrToIntA
StrStrW
StrStrIA
PathStripPathA
PathRenameExtensionA

Exports

Exports

DowngradeAPL
ExtTextOutComplex
FC_GetFunctionList
FlushWZCDbLog
ISelectionBoundsRaw
OpenComponentLibraryOnStreamEx
SetStreamFrameRate

Sections

.text
Size: 107KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5294d616622207a9e21f59f764e5b0fc

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

winmm

ole32

shlwapi

Exports

Exports

Sections

.text Size: 107KB - Virtual size: 204KB

.data Size: 66KB - Virtual size: 68KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 107KB - Virtual size: 204KB

.data
Size: 66KB - Virtual size: 68KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB