dbae47be94d59986aa4e1f82cf3cfdfd_JaffaCakes118

General

Target

dbae47be94d59986aa4e1f82cf3cfdfd_JaffaCakes118
Size

53KB
MD5

dbae47be94d59986aa4e1f82cf3cfdfd
SHA1

10a212ee58b076f77faa42f80d382d488eb2d687
SHA256

53fc4e8ea30b7bee5433fdda7c77684f57882d028728d3e9d007967b15b509da
SHA512

2fdefa05a87d7f508c312ad40699927a7169cd74c0cc5c04e88b0f3cae1e91e4ecd2f0385285d4cb37ad98322846e9d84cd132198e40749ae13b9d1d203e18da
SSDEEP

768:Fnm1tv3+ot5kUDoahoFMeAJOtNgjH9sScNEgKBvOqXosQa8vDxLWaM+1gh:1m1V3+ot5kUDomoMXOkr9sS8EgKB2Qh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbae47be94d59986aa4e1f82cf3cfdfd_JaffaCakes118

Files

dbae47be94d59986aa4e1f82cf3cfdfd_JaffaCakes118
.dll windows:3 windows x86 arch:x86

6c7f5ae903aff35fa5593ff6f0a12051

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imagcr32

ImmGetIMCCLockCount
ImmGetImeMenuItemsA
_itow
_tolower
CtfImmSetAppCompatFlags
ImmGetCandidateWindow
_memicmp
CtfImmCoUninitialize
_splitpath
RealShellExecuteA
iswspace
wcstombs
ceil
strcat
CtfImmDispatchDefImeMessage
_alloca_probe
__isascii
ImmSetConversionStatus
ImmGetRegisterWordStyleA
_alldvrm
abs
ExtractIconExA
ImmCreateContext
_CIpow
_wtoi
ILCloneFirst
ImmIMPGetIMEA
ImmIMPQueryIMEA

kernel32

GetThreadTimes
SetCurrentDirectoryA
EncodePointer
ConnectNamedPipe
InterlockedExchange
SetFilePointer
IsProcessorFeaturePresent
WriteFile
DecodePointer
GetQueuedCompletionStatus
GetStringTypeExA
SetNamedPipeHandleState
UnmapViewOfFile
CreateFileMappingA
OpenThread
ReadFile
CreateIoCompletionPort
CreateFileA
ExitProcess
WaitForMultipleObjects
MapViewOfFile
VirtualQueryEx
CreateFileMappingW

Exports

Exports

CreateProcessNotify
DllGetVersion

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c7f5ae903aff35fa5593ff6f0a12051

Headers

File Characteristics

Imports

imagcr32

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 36KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 12KB

.rsrc Size: 7KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 36KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 7KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 4KB