ead201b88427df68babe788cd421739b_JaffaCakes118

General

Target

ead201b88427df68babe788cd421739b_JaffaCakes118
Size

161KB
MD5

ead201b88427df68babe788cd421739b
SHA1

4b608c11f4f13c62330b48146722563e3f34d5cf
SHA256

22f6ee71605eb59c51fd46243a5be5ca141bcb66d8107d5747a90d68a8e96ad1
SHA512

814091613f6b495b42234e975c398e3415f1a143ad4c8d3f1b0a5cc05b6fb841395229ad85fcc8ea534099689f8cb0f9b3d23e90a9969d709fd0a9f568e98fd4
SSDEEP

3072:UhSE/PISDsciJbrq16TTMEE9Ej67CcA4ceU6AQyvs/PMVdG:Uhb3txiJXPXg9EjSCcA4fqscjG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ead201b88427df68babe788cd421739b_JaffaCakes118

Files

ead201b88427df68babe788cd421739b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a47a46660584d46d509f78016a8e27ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetVersion
GetStartupInfoA
GetUserDefaultLCID
MulDiv
InterlockedExchangeAdd
GetLocalTime
VirtualAlloc
VirtualProtect
VirtualQuery
LoadLibraryA
GetVersionExA
Sleep
GetComputerNameA
QueryPerformanceFrequency
GetCurrentProcess
IsBadWritePtr
GetSystemTimeAsFileTime
IsBadReadPtr

user32

GetWindow
GetDlgItem
GetIconInfo
GetForegroundWindow
GetMenuContextHelpId
GetWindowContextHelpId
GetClientRect
GetWindowTextA
IsCharUpperA
GetLastActivePopup
GetGUIThreadInfo
GetDesktopWindow
SetLastErrorEx
BlockInput
GetDC
GetWindowRgn
WindowFromDC

advapi32

AreAnyAccessesGranted
IsValidSecurityDescriptor
IsValidAcl

msvcrt

_ltoa
_set_error_mode
rand
_adjust_fdiv
malloc
_initterm
free
_memicmp
_memccpy
_ultoa
floor
modf
ldexp
_pctype
_isctype
frexp
__mb_cur_max
__doserrno
div
_CIasin
_CIsinh
srand

gdi32

GetPixel
GetROP2
GetBitmapDimensionEx
GetStretchBltMode

ole32

CoFileTimeNow

shell32

ord680
ord524

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a47a46660584d46d509f78016a8e27ba

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 66KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 66KB

.reloc
Size: 2KB - Virtual size: 2KB