37f6ef0d87f63fed384f9ddc84aa4d93_JaffaCakes118

General

Target

37f6ef0d87f63fed384f9ddc84aa4d93_JaffaCakes118
Size

544KB
MD5

37f6ef0d87f63fed384f9ddc84aa4d93
SHA1

aaed24cb72fc0b9b7dd35c3aedd2346100edc116
SHA256

807dd45c57e00156ec80a0174c1b509128104bdf9d2f4e29d182290440b47a2a
SHA512

259b481bf23036cf4c2bd215766236ad87828405811adb492f3e8933d92760720473baa3985b600ae0d6a3b7b8c0a20d22f19ca3912e918e70827c56662d936a
SSDEEP

6144:Uhb3txiJXPXg9EjSCcA4fqscjR4c6PsFbMAwINximfxZmyZpLqWrMLTaKGCXTc:Uhb9Y4qjGMpjRJ5BCy3LiLpc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37f6ef0d87f63fed384f9ddc84aa4d93_JaffaCakes118

Files

37f6ef0d87f63fed384f9ddc84aa4d93_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a47a46660584d46d509f78016a8e27ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetVersion
GetStartupInfoA
GetUserDefaultLCID
MulDiv
InterlockedExchangeAdd
GetLocalTime
VirtualAlloc
VirtualProtect
VirtualQuery
LoadLibraryA
GetVersionExA
Sleep
GetComputerNameA
QueryPerformanceFrequency
GetCurrentProcess
IsBadWritePtr
GetSystemTimeAsFileTime
IsBadReadPtr

user32

GetWindow
GetDlgItem
GetIconInfo
GetForegroundWindow
GetMenuContextHelpId
GetWindowContextHelpId
GetClientRect
GetWindowTextA
IsCharUpperA
GetLastActivePopup
GetGUIThreadInfo
GetDesktopWindow
SetLastErrorEx
BlockInput
GetDC
GetWindowRgn
WindowFromDC

advapi32

AreAnyAccessesGranted
IsValidSecurityDescriptor
IsValidAcl

msvcrt

_ltoa
_set_error_mode
rand
_adjust_fdiv
malloc
_initterm
free
_memicmp
_memccpy
_ultoa
floor
modf
ldexp
_pctype
_isctype
frexp
__mb_cur_max
__doserrno
div
_CIasin
_CIsinh
srand

gdi32

GetPixel
GetROP2
GetBitmapDimensionEx
GetStretchBltMode

ole32

CoFileTimeNow

shell32

ord680
ord524

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a47a46660584d46d509f78016a8e27ba

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 66KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 66KB

.reloc
Size: 2KB - Virtual size: 2KB