946c3034fa6969f25d0031051b1efdb2_JaffaCakes118

General

Target

946c3034fa6969f25d0031051b1efdb2_JaffaCakes118
Size

101KB
MD5

946c3034fa6969f25d0031051b1efdb2
SHA1

fa03b1f9fdda22bb9d413289d0a215b02b282f40
SHA256

1cdcfeddc4a974de1f27b50921ec649f83ecaa140f8bbe99b08c4acb73fae63e
SHA512

de0e90b0b94180162ca9d5b1321f3adf1d35b9fbc2a76ca180259213172476ec018b00e41d6b3d21a0f0d326d619f46c774e0a4f06ce60fa71cc216280d20954
SSDEEP

3072:ajdK365nMbjWF1+hQw9PJhL8jBcO0f0zTMFOh:R3okje1+XPgcO0fnQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
946c3034fa6969f25d0031051b1efdb2_JaffaCakes118

Files

946c3034fa6969f25d0031051b1efdb2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2babb457d789132fac78472d17767d57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_tzname
wcstombs
_dstbias
_daylight
strtoul
_initterm
_adjust_fdiv
__dllonexit
_onexit
isdigit
toupper
_strupr
strcspn
strncmp
strpbrk
strncat
_beginthreadex
_endthreadex
_stricmp
strtok
malloc
strstr
mktime
difftime
sscanf
strncpy
_strcmpi
_itoa
time
_ltoa
free
_strdup
swprintf
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
_ftol
atof
atoi
atol
sprintf
wcslen
_timezone
wcscpy

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW

kernel32

GetCommState
SetCommState
SetCommMask
SetCommTimeouts
ReadFile
Sleep
ClearCommError
WriteFile
ReleaseMutex
OpenMutexW
CreateFileW
ResetEvent
GetCurrentThreadId
GetCurrentProcessId
CreateEventW
CloseHandle
MultiByteToWideChar
SetEvent
WaitForSingleObject
LocalAlloc
LocalFree
TerminateThread
GetExitCodeThread
GetTimeZoneInformation
SetThreadAffinityMask
GetProcessAffinityMask
GetCurrentProcess
CreateMutexW

Exports

Exports

UPSCancelWait
UPSGetState
UPSInit
UPSStop
UPSTurnOff
UPSWaitForStateChange

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2babb457d789132fac78472d17767d57

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 82KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 82KB - Virtual size: 82KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 9KB - Virtual size: 8KB