b4ce032f677e6f1233e27954d9dd9de9_JaffaCakes118

General

Target

b4ce032f677e6f1233e27954d9dd9de9_JaffaCakes118
Size

38KB
MD5

b4ce032f677e6f1233e27954d9dd9de9
SHA1

ae6543c6f2d71eb18b1bc82b67041394e1e7e9a8
SHA256

5808f15941ff8bc3758d2d176c485f7b12ace0209df475533fa80a683fd9f7f6
SHA512

80d1c28ec4ea18da53b28f9672d1e8a6416c4c472704670fa113c85ad253fc3dff8632d36d09a129446f2421069f11cacbf8dc06884b1308628d8f6c0c57f291
SSDEEP

768:Cln9/KmmTO7OTIDfAV875+9B4mQTle/+o4oX/IF8GSY:G98OeyfAV872xQTwmo4o3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4ce032f677e6f1233e27954d9dd9de9_JaffaCakes118

Files

b4ce032f677e6f1233e27954d9dd9de9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6c678f4c1e9ae6fb0ee08600ed9d2f49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceA
FreeEnvironmentStringsW
GetACP
GetCommandLineA
GetEnvironmentStringsA
GetModuleHandleA
GetModuleHandleW
GetNumberFormatA
GetOEMCP
GetStartupInfoA
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
IsValidCodePage
LCMapStringW
MultiByteToWideChar
RtlUnwind
SetEndOfFile
SetEvent
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
lstrcmpA
lstrcpyA
lstrlenA

msvcrt

__p__commode
__set_app_type
exit
strpbrk
strspn
wcscat
__getmainargs

user32

AppendMenuA
CreateMenu
DialogBoxParamA
FindWindowExA
GetMenuItemCount
GetSystemMetrics
GetWindowPlacement
OpenClipboard
TrackPopupMenu

winmm

mmioDescend
mmioRenameA
mmioSendMessage
mmioSetBuffer
timeEndPeriod
waveOutGetNumDevs
mixerGetID

Exports

Exports

GetLOD
W32N_GetAdapterRegistryInfoBySubkeyIndex

Sections

.text
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c678f4c1e9ae6fb0ee08600ed9d2f49

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

winmm

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 32KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 32KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB