13cc0ce18c41a1f55d5eb3eca5603d71_JaffaCakes118

General

Target

13cc0ce18c41a1f55d5eb3eca5603d71_JaffaCakes118
Size

55KB
MD5

13cc0ce18c41a1f55d5eb3eca5603d71
SHA1

f918c46c26ef7c2da0da04cb4581151b440dbf5b
SHA256

e115c63e25f8f77a0bd64027f1cc148da4f7d8d6f56b0e106b742a8e098504f6
SHA512

99bd72c41b59770b9427223771fc33231ec74c203ad1765cc3d0a5d7537b6dff08adb64cf28fefcd5b705a66a9f2d1eaf1c0306fd6f6104b093b4319d01a68ff
SSDEEP

768:2n3xJ5oo1YErNaKd1CiQZ5vfpdQoxqkPzulx0inHpXK303XumrPMRYXJNT4b/ajW:23xJ5PYnN5dQCqkUtnHpEUDmYAqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13cc0ce18c41a1f55d5eb3eca5603d71_JaffaCakes118

Files

13cc0ce18c41a1f55d5eb3eca5603d71_JaffaCakes118
.dll windows:2 windows x86 arch:x86

c299f2a9fa58169144dccb7637b580d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kbdgcert

iswctype
_lfind
ILFindLastID
_wcsupr
ImmGetAppCompatFlags
CheckEscapesA
ImmWINNLSEnableIME
ILCombine
ImmGetCandidateListCountA
ImmDisableIME
PifMgr_SetProperties
_CIsqrt
strtoul
GetFileNameFromBrowse
ImmGetIMCCLockCount
sin
mbstowcs
_chkstk
_wcsicmp
towupper
strchr
ImmSetOpenStatus
isalnum
ExtractIconResInfoA
iswlower
_memicmp
qsort
isgraph
iswspace
ImmUnlockIMC
ImmReleaseContext
ExtractAssociatedIconA
ImmPutImeMenuItemsIntoMappedFile

kernel32

OpenThread
VirtualQueryEx
RtlMoveMemory
GetThreadLocale
CreateFileMappingW
CreateFileMappingA
lstrcmpiA
MapViewOfFile
UnmapViewOfFile
IsProcessorFeaturePresent
WaitForMultipleObjects
ExitProcess

Exports

Exports

CreateProcessNotify
lprping

Sections

.text
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c299f2a9fa58169144dccb7637b580d1

Headers

DLL Characteristics

File Characteristics

Imports

kbdgcert

kernel32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 36KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 12KB

.rsrc Size: 7KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 36KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 7KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 4KB