5267bb353eb1e30349bd36e6b2b01222_JaffaCakes118

General

Target

5267bb353eb1e30349bd36e6b2b01222_JaffaCakes118
Size

52KB
MD5

5267bb353eb1e30349bd36e6b2b01222
SHA1

3f73bbcf2344f08e0be212306049e6078c2a57e5
SHA256

a819b3636632906bff78558f5eaf0de8c0b447b200cf9e91ae9441d1d53bad32
SHA512

22a7da714d5de856e6dddbe22968b828d7771c0f05de70011471ef827667f4d725d95a26676cb942207f34f4d783839f0c68fc296362d175dd9678e18f48669d
SSDEEP

768:leK6v2XgTN++X10ITlygOxkj8BEWqq5DkAgeDuoQYknEe9:le7v2INB6ITlZO6SE7qDuoQrnX9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5267bb353eb1e30349bd36e6b2b01222_JaffaCakes118

Files

5267bb353eb1e30349bd36e6b2b01222_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d0fd6427b60931574b385878a25116de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetProcAddress
HeapReAlloc
VirtualAlloc
LCMapStringA
LoadLibraryA
GetWindowsDirectoryA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCommandLineA
GetVersion
GetLastError
CloseHandle
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CreateFileA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
FlushFileBuffers
SetStdHandle
SetEndOfFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LCMapStringW

user32

UnhookWindowsHookEx
SetWindowsHookExA
GetFocus
GetActiveWindow
GetParent
GetWindowTextA
GetKeyNameTextA
CallNextHookEx

imm32

ImmGetCompositionStringA
ImmReleaseContext
ImmGetContext

Exports

Exports

EndKey
StartKey

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0fd6427b60931574b385878a25116de

Headers

File Characteristics

Imports

kernel32

user32

imm32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 2KB