fccd8f117cc14249796a7094a1a895bc_JaffaCakes118

General

Target

fccd8f117cc14249796a7094a1a895bc_JaffaCakes118
Size

45KB
MD5

fccd8f117cc14249796a7094a1a895bc
SHA1

cce35b5febaa78e18fcf6804840ce9f19e800e15
SHA256

6e303d67b75ac7b86f5f7f51222cb13a4597569fddd31dae35b7110294626ec0
SHA512

b37e0832eb5f07dab5c24872d0556fcccce3cc66378ce214683d42f7e20c3dac0ee798b45014e663fdc3daa60fed43c2121f7ffd07b1b52b4d42584e8f9d7ba6
SSDEEP

192:Wh/IfOnzQnygiW9HuSuT8Hw7IGiu902td2vU0BMRAvmyaLx3r:PzygiWR2t7IpuyoP0ej

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fccd8f117cc14249796a7094a1a895bc_JaffaCakes118

Files

fccd8f117cc14249796a7094a1a895bc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

101bddeb405c48d825de6947ef1293af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibraryAndExitThread
GetCurrentProcessId
GetModuleHandleA
GetModuleHandleW
GetFileSize
SetFilePointer
ReadFile
CloseHandle
GetTempPathW
CreateFileW
WriteFile
ExitProcess
LoadLibraryW
ExitThread
CreateThread
LoadLibraryA
GetProcAddress
GetCurrentThreadId
GetTempPathA
DeleteFileA
IsBadReadPtr
GetModuleFileNameW
VirtualFree
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
HeapValidate
VirtualAlloc
VirtualQuery
GetStartupInfoA
GetFileType
GetStdHandle
GetCurrentProcess
DuplicateHandle
SetHandleCount
GetSystemTimeAsFileTime
GetCommandLineA
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleOutputCP
GetLastError
CreateFileA
SetStdHandle
MultiByteToWideChar
WideCharToMultiByte
GetConsoleCP
SetEndOfFile
SetConsoleCtrlHandler

user32

RegisterClipboardFormatW
MessageBoxA

Exports

Exports

initOLEcontainer

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

101bddeb405c48d825de6947ef1293af

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 262KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 262KB

.reloc
Size: 2KB - Virtual size: 2KB