b91144d5487d8f2a6024a939ac38a048_JaffaCakes118

General

Target

b91144d5487d8f2a6024a939ac38a048_JaffaCakes118
Size

101KB
MD5

b91144d5487d8f2a6024a939ac38a048
SHA1

4d6b45020c242478777c189db3c23d1d0a77f6d3
SHA256

d8d391dd9f6bf3fdb8911d0fbb30adccbc59efa2ca4c1684747481a2d6274db8
SHA512

3dad5cd684a2d1806ea17852b083294681e24473c3996f203bec5164b9fc9c4941c32292d594475375fc2a5d6c0b8f24b2ce0ead8a202c768819edf207ae2fac
SSDEEP

3072:vEdK37EUuni4rEg18SYO0mIPdb013GsQWL82Q20//YzTMFI:l3khrh1aGsba8/bq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b91144d5487d8f2a6024a939ac38a048_JaffaCakes118

Files

b91144d5487d8f2a6024a939ac38a048_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2babb457d789132fac78472d17767d57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_tzname
wcstombs
_dstbias
_daylight
strtoul
_initterm
_adjust_fdiv
__dllonexit
_onexit
isdigit
toupper
_strupr
strcspn
strncmp
strpbrk
strncat
_beginthreadex
_endthreadex
_stricmp
strtok
malloc
strstr
mktime
difftime
sscanf
strncpy
_strcmpi
_itoa
time
_ltoa
free
_strdup
swprintf
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
_ftol
atof
atoi
atol
sprintf
wcslen
_timezone
wcscpy

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW

kernel32

GetCommState
SetCommState
SetCommMask
SetCommTimeouts
ReadFile
Sleep
ClearCommError
WriteFile
ReleaseMutex
OpenMutexW
CreateFileW
ResetEvent
GetCurrentThreadId
GetCurrentProcessId
CreateEventW
CloseHandle
MultiByteToWideChar
SetEvent
WaitForSingleObject
LocalAlloc
LocalFree
TerminateThread
GetExitCodeThread
GetTimeZoneInformation
SetThreadAffinityMask
GetProcessAffinityMask
GetCurrentProcess
CreateMutexW

Exports

Exports

UPSCancelWait
UPSGetState
UPSInit
UPSStop
UPSTurnOff
UPSWaitForStateChange

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2babb457d789132fac78472d17767d57

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 82KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 82KB - Virtual size: 82KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 9KB - Virtual size: 8KB