b4f2a1266aca3dfc06551965828ba83c_JaffaCakes118

General

Target

b4f2a1266aca3dfc06551965828ba83c_JaffaCakes118
Size

158KB
MD5

b4f2a1266aca3dfc06551965828ba83c
SHA1

cd0730758a00c5a3bee17f91f468da31b98887a8
SHA256

1f1872c5a8cfe62efe769de1696df1b8c54e079cd1d72b8182dedf08f684e0b9
SHA512

7cb7bff12428320c98eb17742ff1c23672caf36a7a1e9d9378233bb2f82ee9e56e0b4aff73afe6d0ce3f94e0041b9ceae5bb255f1ba39174a0868184ca505153
SSDEEP

3072:7UJPExSL79RtXbE0S71/5lxU73hWjmBgwketKentSrP4UxyqdtWPqkhyh9X1t6r:7UJPEk7360cdI3jBeQKentc53sPIT1tE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4f2a1266aca3dfc06551965828ba83c_JaffaCakes118

Files

b4f2a1266aca3dfc06551965828ba83c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

db53644bae5fa96e1bb3a027dc077cf2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsDebuggerPresent
Sleep
GetACP
IsDBCSLeadByte
LoadLibraryA
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
GetProcAddress
SetLastError
GetStartupInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetLocalTime
VirtualAlloc
VirtualProtect
VirtualQuery
GetTickCount
GetLastError
GetComputerNameA
IsBadWritePtr
GetCurrentProcess
IsBadStringPtrA
IsBadCodePtr
GetVersion

user32

GetCursor
IsWindowUnicode
GetMenuContextHelpId
GetWindowTextLengthA
IsCharUpperA
IsCharAlphaNumericA
GetWindowRgn
GetWindowDC
GetDC
WindowFromDC
CopyIcon
GetDlgItem
GetTitleBarInfo
GetWindow
IsZoomed
GetGUIThreadInfo
GetParent
BlockInput
IsChild
GetWindowTextA

advapi32

IsValidAcl

msvcrt

_adjust_fdiv
malloc
_initterm
free
memchr
__doserrno
_memccpy
srand
rand
_CIcosh
_ltoa
_errno
__mb_cur_max
time
_pctype
ldexp
_isctype
_itoa

gdi32

GetBitmapDimensionEx
GetBkMode
GdiFlush
GetPixel

ole32

CoFileTimeNow
CoDosDateTimeToFileTime
CoGetCurrentProcess

shell32

ord64
ord524

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db53644bae5fa96e1bb3a027dc077cf2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 62KB - Virtual size: 63KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 62KB - Virtual size: 63KB

.reloc
Size: 3KB - Virtual size: 2KB