8c05695fe807ad4f3ee6bcc536aef182_JaffaCakes118

General

Target

8c05695fe807ad4f3ee6bcc536aef182_JaffaCakes118
Size

52KB
MD5

8c05695fe807ad4f3ee6bcc536aef182
SHA1

5b7daa51545b7ebb158fd1a1c97e7ba11ccef697
SHA256

c8e283c6fd5247b59109c660ea07592069f367531d97e791b89dc04c63979ad8
SHA512

62b2741bf14d1b6991fb784d7ee55aa215a6721bac97ccb25d7377b553be62ef66fcf990b10f3ae7a7e54a3385f25edf79ba1b36c2ff709fe51971b6c4111e09
SSDEEP

1536:WLY5sZhf4uF0cYJ+1R7FsaSO4VUTRAW8hA:GDhf4TJ+1R7yaQVUTRGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c05695fe807ad4f3ee6bcc536aef182_JaffaCakes118

Files

8c05695fe807ad4f3ee6bcc536aef182_JaffaCakes118
.dll windows:1 windows x86 arch:x86

ea1128d7c673fcaf11063b919322d5d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualQuery
CreateIoCompletionPort
LeaveCriticalSection
MapViewOfFileEx
PostQueuedCompletionStatus
ReadFile
GetQueuedCompletionStatus
ExitProcess
WaitForSingleObjectEx
InitializeCriticalSection
SetFilePointer
SleepEx
OpenThread
TerminateThread
MapViewOfFile
IsProcessorFeaturePresent
GetFileTime
WaitForMultipleObjects
CreateFileMappingA
CreateFileA
CreateEventA
EnterCriticalSection
UnmapViewOfFile

kbdahk32

ImmGetCandidateWindow
_itow
_vsnwprintf
strncat
ImmUnlockClientImc
ImmGetCompositionStringA
_strlwr
ImmDisableIME
DAD_DragEnterEx2
vDbgPrintEx
ImmGetIMCCLockCount
ImmGetStatusWindowPos
DllInstall
tolower
OpenRegStream
CtfImmDispatchDefImeMessage
ImmGetImeInfoEx
PathCleanupSpec
_CIpow
isspace
ImmGetRegisterWordStyleA
ImmGetConversionStatus
ILCreateFromPathA
ImmGetDescriptionA
IsNetDrive
ImmNotifyIME
_aulldvrm

Exports

Exports

CreateProcessNotify
dllhhost

Sections

.text
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea1128d7c673fcaf11063b919322d5d9

Headers

File Characteristics

Imports

kernel32

kbdahk32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 35KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 4KB