485b0887232ba48641a141d5c7be674c_JaffaCakes118

General

Target

485b0887232ba48641a141d5c7be674c_JaffaCakes118
Size

44KB
MD5

485b0887232ba48641a141d5c7be674c
SHA1

09333d4e979d201c65a4955f8c91ca64cad0efff
SHA256

5589a879dfcfe72338cbac1e338aee6188d50b414f832a8ccd34f3cda813ad17
SHA512

6654e1ab59805ee65b62cd5a7fa13f3387794c3044927ec8282cb94a8cc69aa0b98d21b3a8b25fb79441b6f37e59db981b8e5528b0da60cce24e0d0d1bceac97
SSDEEP

384:hrfkjqT1qbNfYIiVgSbX/9l7/OI7XcXV3jyi+1wkIluyPzC+cAG8oyU6FC:aOT1qbWbx/9lCI7ejU1BIllZG8oiw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
485b0887232ba48641a141d5c7be674c_JaffaCakes118

Files

485b0887232ba48641a141d5c7be674c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

258a9485f4342cb566ae3aacf9973cdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
Sleep
VirtualProtect
CloseHandle
ReadFile
CreateFileW
VirtualAlloc
lstrcpyW
GetModuleFileNameW
GetModuleHandleA
GetSystemTime
DisableThreadLibraryCalls
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Exports

Exports

GetA
GetContainingRect
GetX
NvSA
NvSX
NvSZ
NvSmartMaxNotifyAppHWND
NvSmartMaxUseDynamicDeviceGrids

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

258a9485f4342cb566ae3aacf9973cdb

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 20KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 20KB

.reloc
Size: 4KB - Virtual size: 3KB