073c4dc177d31e6ba83bbdeebf1d32a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

073c4dc177d31e6ba83bbdeebf1d32a0_JaffaCakes118
Size

71KB
MD5

073c4dc177d31e6ba83bbdeebf1d32a0
SHA1

77dbcfa695d94e9977e28c3d765ea0fa26b7a249
SHA256

7d6bf79c6ddf1387856f663b78e39052df83eca4a2604e0abbda99a577921ca9
SHA512

2622617eb84497ed50b1e9479882e0d534aa059be2cd8b4a4fc369c9220eb5e2e136db0bbb3a56cc8a460fab823baa643a9d6bb66b10f581fd07097c3bda3bbb
SSDEEP

1536:ZrjD4sHTQznHGG3KdMHraSw4v4Ln1gREkxSbJfySAnLMvl/F:B4dHGGMIrefnFkxSN6j4l/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
073c4dc177d31e6ba83bbdeebf1d32a0_JaffaCakes118

Files

073c4dc177d31e6ba83bbdeebf1d32a0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1c7d7eafa32152fdf5abe63083e02d81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
VirtualProtect
GetCommandLineA
GetVersion
LocalFree
lstrcpyW
lstrcmpW
GetLastError
CreateMutexW
ReleaseMutex
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
ResetEvent
LeaveCriticalSection
lstrlenW
WideCharToMultiByte
SetEvent
CreateEventW
LocalAlloc
GetOverlappedResult
GetComputerNameW
CancelIo
CreateEventA
CreateFileW
CreateFileA
ExitThread
ReadFile
WaitForSingleObject
SetLastError
PeekNamedPipe
WriteFile
TransactNamedPipe
WaitForSingleObjectEx
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
CloseHandle
MultiByteToWideChar
CreateThread
SetNamedPipeHandleState

user32

TrackPopupMenu
DestroyMenu
WinHelpW
GetDlgCtrlID
DestroyWindow
LoadCursorW
GetParent
DefWindowProcW
AppendMenuW
CreatePopupMenu
GetCursorPos
SetFocus
LoadIconW
EnableWindow
SetPropW
GetCursor
SetCursor
MessageBoxW
LoadStringW
GetWindow
GetDlgItem
SendMessageW
SetWindowPos
GetClientRect
SystemParametersInfoW
SetWindowLongW
GetWindowLongW
EndDialog

ole32

CLSIDFromString

msvcrt

_adjust_fdiv
_initterm
wcscpy
wcslen
wcstombs
_snwprintf
_wgetenv
_snprintf
free
malloc
wcsncpy
wcstoul
__RTDynamicCast
_beginthreadex
_wcsicmp
_strnicmp
wcscmp
_except_handler3
__CxxFrameHandler

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c7d7eafa32152fdf5abe63083e02d81

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcrt

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 34KB - Virtual size: 68KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 34KB - Virtual size: 68KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB