0a7913fc9ccc9132de6f265d65e68a87_JaffaCakes118

General

Target

0a7913fc9ccc9132de6f265d65e68a87_JaffaCakes118
Size

152KB
MD5

0a7913fc9ccc9132de6f265d65e68a87
SHA1

bbb052789b01b6c6f8c741f988a70d23cd524d68
SHA256

fee90b2c66db1dbca90e2c72dee60299892ab5699c1a18ccd9ed0f1965e4b204
SHA512

57c8197b40d9d3b743ad7042befaf85f7bc37348742de51c7039c240771a6c6f651879f1ea20339d87a56d2ac8b8120cfc6ac8f2d62a485ea71ad3e33e34287f
SSDEEP

3072:k3vpdwqeAZzCuiHf+Zfpx+ODxE/S20fNvqieD65M62Q0WwLaMqjKyQb9uqFcsxMH:fQxPdEK2+8DYM62QELaH5+wv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7913fc9ccc9132de6f265d65e68a87_JaffaCakes118

Files

0a7913fc9ccc9132de6f265d65e68a87_JaffaCakes118
.dll windows:4 windows x86 arch:x86

04d39a169784fa966c5251fb3e5c65c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetUserDefaultLCID
MulDiv
GetProcAddress
QueryPerformanceFrequency
VirtualAlloc
VirtualProtect
LoadLibraryA
IsDBCSLeadByte
GetACP
GetSystemTimeAsFileTime
Sleep
GetProcessHeap
GetComputerNameA
GetCurrentThreadId
IsBadCodePtr
GetLocalTime

user32

GetGUIThreadInfo
IsZoomed
GetTopWindow
GetWindowThreadProcessId
GetWindow
GetClientRect
WindowFromDC
GetForegroundWindow
GetParent
GetDesktopWindow
IsChild
IsMenu
InSendMessage
GetDlgItem
CopyIcon
GetTitleBarInfo

advapi32

GetUserNameA
InitializeSecurityDescriptor
IsValidSecurityDescriptor
RevertToSelf

msvcrt

rand
_ultoa
srand
_adjust_fdiv
malloc
_initterm
free
_memicmp
memchr
time
floor
_hypot
_pctype
_isctype
modf
ldexp
frexp
__mb_cur_max
__doserrno
_CIcosh
ldiv
_ltoa
_set_error_mode
_swab

gdi32

GetPixel
GdiGetBatchLimit
GetBkMode
GetStretchBltMode

ole32

CoDosDateTimeToFileTime
CoFileTimeNow

shell32

ord680
ord66

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d39a169784fa966c5251fb3e5c65c6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 61KB - Virtual size: 63KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 61KB - Virtual size: 63KB

.reloc
Size: 3KB - Virtual size: 2KB