02fc1f6725115984a4fc3244e288150f_JaffaCakes118

General

Target

02fc1f6725115984a4fc3244e288150f_JaffaCakes118
Size

89KB
MD5

02fc1f6725115984a4fc3244e288150f
SHA1

c401ad2e6c0aa7dd2f6ac67c1701ba5806029bea
SHA256

e02118627bfdee0143befc065707105b8d2520b894f072648caf1bb1eb2458e6
SHA512

b0b99b1beb3518ada90ff476e805f219d03b1b8f0ccd08c01bc5d06b78b1293da407d8e54d4724bf00b270aa74923e8a4b645f37b72f502a198d4db1b71a07ee
SSDEEP

1536:aNWmkNMvU5NDCEYvavqb9zJjmmNNoOWATiz2nMOyglFh1JmnMOyglFh1JEAJnevL:aNW6vl3oISmToxUYEOgJG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02fc1f6725115984a4fc3244e288150f_JaffaCakes118

Files

02fc1f6725115984a4fc3244e288150f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed61c3fb5b79787697209228edaa9dff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFileAttributesA
MapViewOfFile
CopyFileW
GetVersionExW
QueryPerformanceFrequency
UnregisterWaitEx
GetCPInfo
LoadLibraryA
ExitProcess
CreateDirectoryExW
ConvertThreadToFiber
GetExitCodeThread
GetModuleHandleA
OutputDebugStringA
GetCPInfoExA
VirtualAlloc
RaiseException
Sleep
DeleteAtom
SetFilePointerEx
CreateFileMappingW
FindAtomA
WideCharToMultiByte
GetLastError
SystemTimeToTzSpecificLocalTime
GetOverlappedResult

msvcrt

_tzset
_CIcos
_mbschr
_spawnve
sinh
exp
_mbcjmstojis
sin
__unDNameEx
__p___argv
fputc
fwrite
_mbsset
memcpy
asin
_mbscpy
__pxcptinfoptrs

user32

ModifyMenuA
AdjustWindowRect
GetParent
TrackPopupMenu
OemToCharA
SetWindowPlacement
GetAncestor
MonitorFromWindow
CreateWindowExW
UpdateWindow
LoadStringW
GetDlgItemTextW
OffsetRect
PostQuitMessage
TranslateMessage
GetMenuState
DispatchMessageW
CheckRadioButton
RegisterClassExW
MessageBoxW

gdi32

SetStretchBltMode
CreateRectRgnIndirect
CreateCompatibleBitmap
SetViewportExtEx
SetPixel
CreateDIBSection
GetNearestColor
SetPaletteEntries
CreateSolidBrush

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 58B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed61c3fb5b79787697209228edaa9dff

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 23KB - Virtual size: 22KB

.rsrc Size: 37KB - Virtual size: 37KB

.reloc Size: 512B - Virtual size: 58B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 37KB - Virtual size: 37KB

.reloc
Size: 512B - Virtual size: 58B