02cb90cdf07ddace68ef2ae8f482f4a3_JaffaCakes118

General

Target

02cb90cdf07ddace68ef2ae8f482f4a3_JaffaCakes118
Size

211KB
MD5

02cb90cdf07ddace68ef2ae8f482f4a3
SHA1

da19698e455ad0f92b0d7ad59106b3e47d8745b8
SHA256

3928dd8a142554d078777de58aec2cf815489aebb5aa148428d021aa2477a240
SHA512

5c8256ba57996eb0811deda3ed7dc39257625062845f7d8b861293ab7cabe83e0e931972860ee04e6f6213ed65e6f5c97d97460aab41d1ab05e699a0ed65ef86
SSDEEP

3072:lRUMDcTUcn8xDvy5ChjX2JLYT4UUFTyHcHVQj:IBUc8NLaQwyy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02cb90cdf07ddace68ef2ae8f482f4a3_JaffaCakes118

Files

02cb90cdf07ddace68ef2ae8f482f4a3_JaffaCakes118
.dll windows:5 windows x86 arch:x86

8f69210e6656e9400d4dc06ccedb444f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetModuleHandleW
ExitProcess
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
HeapSize
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
RaiseException
CreateFileA

Exports

Exports

dca_block
dca_blocks_num
dca_dynrng
dca_frame
dca_free
dca_init
dca_samples
dca_syncinfo
getVersion

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f69210e6656e9400d4dc06ccedb444f

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 69KB - Virtual size: 75KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 69KB - Virtual size: 75KB

.reloc
Size: 5KB - Virtual size: 4KB