a33277fe6aa1c456279fe39e8b132df0_JaffaCakes118

General

Target

a33277fe6aa1c456279fe39e8b132df0_JaffaCakes118
Size

62KB
MD5

a33277fe6aa1c456279fe39e8b132df0
SHA1

cca2ca851cd180a63cec9294f23332bf73c93301
SHA256

f837a42fea5d77489a9dc36ebff005f6b34d76b17151648a80be6c310bf387e6
SHA512

b8cc5dd6b97cbe3e3d3b3982e573a28c3e4d0392df91e075034349794e054380ae767ed1bb444dff29b254bfa3995f75663540477ba56a79e994d31d31de60d0
SSDEEP

768:eMhv/cwCwCTUF++fjfIw079oKtTDju3o4Z8gMrX18Uvt3gqHMVFYYC8j0xPl:e6v/nC5f+fswDWneMrX18Uvt3qVzCZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a33277fe6aa1c456279fe39e8b132df0_JaffaCakes118

Files

a33277fe6aa1c456279fe39e8b132df0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b6ccc25da7d8403df5c4504a2dceac4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

PeekMessageA
SendMessageA
DispatchMessageA
TranslateMessage
PostThreadMessageA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

msvcrt

fwrite
_fdopen
_close
_open
sscanf
fseek
strncmp
rename
atoi
tolower
strstr
_strlwr
malloc
ftell
calloc
_initterm
_adjust_fdiv
printf
puts
strrchr
??3@YAXPAX@Z
??2@YAPAXI@Z
strncat
fgets
strchr
strncpy
atol
atof
qsort
fread
sprintf
fopen
_snprintf
fputs
fclose
_stricmp
_strnicmp
remove
free

kernel32

LeaveCriticalSection
InitializeCriticalSection
GetFileSize
GetModuleFileNameA
GetCurrentDirectoryA
MoveFileA
GetModuleHandleA
GetProcAddress
EnterCriticalSection
SetFilePointer
ReadFile
SetFileAttributesA
MultiByteToWideChar
FindFirstFileA
RemoveDirectoryA
FindNextFileA
FindClose
CreateDirectoryA
CreateFileA
Sleep
ExitThread
GetFullPathNameA
DeleteFileA
CreateThread
WaitForSingleObject
CloseHandle
GetSystemTime
DeleteCriticalSection

Exports

Exports

AddReply
HandleEventHook
RegisterCallback

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6ccc25da7d8403df5c4504a2dceac4a

Headers

File Characteristics

Imports

user32

ole32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 2KB