fe8ee3cd9fbc61f06ec7c2fccd55fe8f_JaffaCakes118

General

Target

fe8ee3cd9fbc61f06ec7c2fccd55fe8f_JaffaCakes118
Size

49KB
MD5

fe8ee3cd9fbc61f06ec7c2fccd55fe8f
SHA1

a559bc228533b08540e27c2c3be2260fe3517fba
SHA256

1e69f4f7a14584c6a96912590ed655991ac2317a83da739d8526a69f157962ee
SHA512

025cecb85bfb84bc4397b78186feddabc1d1cf5fbcc18f895da19926c24fce970e073fe230db255217a02614b86710a063bc6f879aba0dc0f30cd45b6796302e
SSDEEP

1536:WevrLTATzcQ+sgfNV0OnD7T1k9nKOBJ/9DElBxF2j:x3TMc04NV0OBYxFwlBx4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe8ee3cd9fbc61f06ec7c2fccd55fe8f_JaffaCakes118

Files

fe8ee3cd9fbc61f06ec7c2fccd55fe8f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

25ceb1d6b5f597e6b06523a20b21296a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

adsnhk32

SdbQueryData
SdbTagRefToTagID
ImmCallImeConsoleIME
ILFindChild
SdbGetMsiPackageInformation
ImmGetStatusWindowPos
SdbGrabMatchingInfo
ImmFreeLayout
InternalExtractIconListA
DragQueryPoint
SdbOpenDatabase
ILFree
SdbUnregisterDatabase
DAD_ShowDragImage
ImmEscapeA
ImmUnlockIMCC
ILGetNext
ImmSetCompositionStringA
ImmGetCandidateListA
ImmSetCompositionFontA
ImmIMPSetIMEA
SdbGetNextChild
ImmSetOpenStatus
ImmReleaseContext
SdbQueryApphelpInformation
CtfImmDispatchDefImeMessage
CheckEscapesA
DragQueryFileA
SdbReadWORDTagRef
Control_FillCache_RunDLLA

kernel32

SetThreadPriority
CreateFileA
GetThreadSelectorEntry
VirtualQueryEx
GetFirmwareEnvironmentVariableA
OpenThread
WriteFileGather
LocalAlloc
WaitForMultipleObjects
ReadFile
MapViewOfFile
CreateFileMappingA
GetFileAttributesA
SetThreadExecutionState
GetThreadLocale
GetThreadTimes
GetModuleHandleA
UnmapViewOfFile
GetFileTime
GetThreadIOPendingFlag
GetProcessHeaps
SetFilePointer
SleepEx

Exports

Exports

CreateProcessNotify
fltmnlpa

Sections

.text
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25ceb1d6b5f597e6b06523a20b21296a

Headers

File Characteristics

Imports

adsnhk32

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 40KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 40KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB