09e0273696ebaa9456e9b2b2d5c1ce41_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09e0273696ebaa9456e9b2b2d5c1ce41_JaffaCakes118
Size

941KB
MD5

09e0273696ebaa9456e9b2b2d5c1ce41
SHA1

3b4a49cead4ab91820f698316d4158d838962a1a
SHA256

483578a2e5d24a46053bb22b30d119fe0a5c2d649eb23b8961c30c0727a39ffb
SHA512

4de500a516a2199c53443273b0f605ca8ec8d7082b9625e6710807aa960337e93a36941020d931b9f8ce84f87c48c7c20174cd655dbf25c70afae35da86b4be4
SSDEEP

12288:XPPJvKwL6ayTaRfOvJjtzBeXkQEftAHe7c5WTPYAJFYfi8lLy9Orf:nd5L6xTWWv3zBeXwv7cWTPYAD+iW+g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e0273696ebaa9456e9b2b2d5c1ce41_JaffaCakes118

Files

09e0273696ebaa9456e9b2b2d5c1ce41_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d095fd42f0ed4af2b387746b7d14dc27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLastError
GetACP
CompareStringW
LocalFree
CloseHandle
TlsAlloc
WideCharToMultiByte
GetTickCount
MultiByteToWideChar
LoadLibraryA
GetVersion
VirtualFree
RaiseException
GetStartupInfoW
ExitProcess
SwitchToThread
InitializeCriticalSection
VirtualAlloc
WriteFile
RtlUnwind
GetSystemInfo
GetCommandLineW
GetProcAddress
DeleteCriticalSection
TlsGetValue
GetStdHandle
TlsSetValue
GetModuleHandleW
FreeLibrary
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
TlsFree
VirtualQuery
SetThreadLocale
Sleep

oleaut32

SysFreeString

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 13KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 899KB - Virtual size: 899KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d095fd42f0ed4af2b387746b7d14dc27

Headers

File Characteristics

Imports

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.itext Size: 512B - Virtual size: 256B

.data Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 13KB

.idata Size: 1024B - Virtual size: 1008B

.didata Size: 512B - Virtual size: 292B

.edata Size: 512B - Virtual size: 111B

.rdata Size: 512B - Virtual size: 69B

.reloc Size: 2KB - Virtual size: 2KB

.rsrc Size: 899KB - Virtual size: 899KB

.text
Size: 32KB - Virtual size: 32KB

.itext
Size: 512B - Virtual size: 256B

.data
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 13KB

.idata
Size: 1024B - Virtual size: 1008B

.didata
Size: 512B - Virtual size: 292B

.edata
Size: 512B - Virtual size: 111B

.rdata
Size: 512B - Virtual size: 69B

.reloc
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 899KB - Virtual size: 899KB