e01e3c352843810b0f06231d1ac54e3d_JaffaCakes118

General

Target

e01e3c352843810b0f06231d1ac54e3d_JaffaCakes118
Size

46KB
MD5

e01e3c352843810b0f06231d1ac54e3d
SHA1

ee3c83f66b76ae0a1b4fac96af9ba8399ca37462
SHA256

55512e28ebdb3bacc1b83a8686fc40e3461f68cb73972039625b3b9e6401d5cf
SHA512

0f156a6cee4ff9d5183acab071145d9b9284d749b3de1fde5a444003bfb8c575bf90dbbf2dc925a988f7c08f9a363a41335a5e9635814f6492917c75339b43b1
SSDEEP

768:eJQYaUGyoXaLeoNhKCKqUJW+JGM0zjgtEAsA0ZEbHELlv5b8UUuX:qaUWXYUJW8ifADSaHiyUUu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e01e3c352843810b0f06231d1ac54e3d_JaffaCakes118

Files

e01e3c352843810b0f06231d1ac54e3d_JaffaCakes118
.dll windows:1 windows x86 arch:x86

ebbe33244d1f3365c8ff825f282d9c64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

browbdus

OpenAs_RunDLLA
CtfImmDispatchDefImeMessage
vDbgPrintEx
_itow
ILLoadFromStream
ImmEnumInputContext
ImmLockIMC
DllRegisterServer
ImmGenerateMessage
atol
ImmEscapeA
ImmGetStatusWindowPos
ImmAssociateContextEx
RestartDialog
ImmSetCandidateWindow
iscntrl
CtfImmEnterCoInitCountSkipMode
strcmp
ILFree
PifMgr_GetProperties
ImmDestroyIMCC
DAD_AutoScroll
ILSaveToStream
ImmIMPQueryIMEA
FindExeDlgProc
DragFinish

kernel32

lstrlenA
CreateNamedPipeA
UnmapViewOfFile
ReadFile
SetFilePointer
DosDateTimeToFileTime
WaitForSingleObjectEx
HeapLock
CreateEventA
OpenThread
GetThreadPriorityBoost
InterlockedDecrement
InterlockedExchange
IsProcessorFeaturePresent
VirtualQuery
ExitProcess
InterlockedIncrement
InterlockedCompareExchange
GetCurrentDirectoryA
InterlockedFlushSList
HeapFree
SleepEx
MapViewOfFileEx
WaitForMultipleObjects
HeapAlloc
CreateFileMappingA
CreateFileA

Exports

Exports

CreateProcessNotify
DllGetVersion

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebbe33244d1f3365c8ff825f282d9c64

Headers

File Characteristics

Imports

browbdus

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 512B - Virtual size: 4KB