b01f01b76fea67f012cf9dabb0514055_JaffaCakes118

General

Target

b01f01b76fea67f012cf9dabb0514055_JaffaCakes118
Size

162KB
MD5

b01f01b76fea67f012cf9dabb0514055
SHA1

b0328ec878f4751b85d6ed42eeac2eb8626cb950
SHA256

de334c9ccb20f5f922741fd3d0810b134d2c928c6eaf545d96bbdde7b025c208
SHA512

72e1e5c2e05cb6053c785d2156ceee3093bf04ee9cd439936c5f13a63f3e4cab68197214a3a741445723fb4b8698df3ddbe6e4ac7e6e4fc59d272d505563e9ac
SSDEEP

3072:k3vpdwqeAZzCuiHf+Zfpx+ODxE/S20fNvqieD65M62Q0WwLaMqjKyQb9uqFcsxMs:fQxPdEK2+8DYM62QELaH5+wvUnlv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b01f01b76fea67f012cf9dabb0514055_JaffaCakes118

Files

b01f01b76fea67f012cf9dabb0514055_JaffaCakes118
.dll windows:4 windows x86 arch:x86

04d39a169784fa966c5251fb3e5c65c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetUserDefaultLCID
MulDiv
GetProcAddress
QueryPerformanceFrequency
VirtualAlloc
VirtualProtect
LoadLibraryA
IsDBCSLeadByte
GetACP
GetSystemTimeAsFileTime
Sleep
GetProcessHeap
GetComputerNameA
GetCurrentThreadId
IsBadCodePtr
GetLocalTime

user32

GetGUIThreadInfo
IsZoomed
GetTopWindow
GetWindowThreadProcessId
GetWindow
GetClientRect
WindowFromDC
GetForegroundWindow
GetParent
GetDesktopWindow
IsChild
IsMenu
InSendMessage
GetDlgItem
CopyIcon
GetTitleBarInfo

advapi32

GetUserNameA
InitializeSecurityDescriptor
IsValidSecurityDescriptor
RevertToSelf

msvcrt

rand
_ultoa
srand
_adjust_fdiv
malloc
_initterm
free
_memicmp
memchr
time
floor
_hypot
_pctype
_isctype
modf
ldexp
frexp
__mb_cur_max
__doserrno
_CIcosh
ldiv
_ltoa
_set_error_mode
_swab

gdi32

GetPixel
GdiGetBatchLimit
GetBkMode
GetStretchBltMode

ole32

CoDosDateTimeToFileTime
CoFileTimeNow

shell32

ord680
ord66

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d39a169784fa966c5251fb3e5c65c6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 61KB - Virtual size: 63KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 61KB - Virtual size: 63KB

.reloc
Size: 3KB - Virtual size: 2KB