43f096b9ef979dd4bfa03b24b25aadc3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

43f096b9ef979dd4bfa03b24b25aadc3_JaffaCakes118
Size

941KB
MD5

43f096b9ef979dd4bfa03b24b25aadc3
SHA1

99c08c4581eb13b281f29a52edfdfc52edb9f2a1
SHA256

4ece8d27a837185b287c8c5d9a3b91bb60a715f06e2e1584755fc863ea0a839a
SHA512

140a994aa9908d161153bbee2dee47f3537770cfca7a128df6e7e3540217542833256e10f3292d97363dacdbe7332b691e5d7a4b4c465e5294ea8711cb4b09a8
SSDEEP

12288:FKPJvKwL6ayTaRfOvJjtzBeXkQEftAHe7c5WTPYAJFYfi8lLy9Orf:Gd5L6xTWWv3zBeXwv7cWTPYAD+iW+g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43f096b9ef979dd4bfa03b24b25aadc3_JaffaCakes118

Files

43f096b9ef979dd4bfa03b24b25aadc3_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d095fd42f0ed4af2b387746b7d14dc27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLastError
GetACP
CompareStringW
LocalFree
CloseHandle
TlsAlloc
WideCharToMultiByte
GetTickCount
MultiByteToWideChar
LoadLibraryA
GetVersion
VirtualFree
RaiseException
GetStartupInfoW
ExitProcess
SwitchToThread
InitializeCriticalSection
VirtualAlloc
WriteFile
RtlUnwind
GetSystemInfo
GetCommandLineW
GetProcAddress
DeleteCriticalSection
TlsGetValue
GetStdHandle
TlsSetValue
GetModuleHandleW
FreeLibrary
LocalAlloc
GetCurrentThreadId
UnhandledExceptionFilter
TlsFree
VirtualQuery
SetThreadLocale
Sleep

oleaut32

SysFreeString

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 13KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 899KB - Virtual size: 899KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d095fd42f0ed4af2b387746b7d14dc27

Headers

File Characteristics

Imports

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.itext Size: 512B - Virtual size: 256B

.data Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 13KB

.idata Size: 1024B - Virtual size: 1008B

.didata Size: 512B - Virtual size: 292B

.edata Size: 512B - Virtual size: 111B

.rdata Size: 512B - Virtual size: 69B

.reloc Size: 2KB - Virtual size: 2KB

.rsrc Size: 899KB - Virtual size: 899KB

.text
Size: 32KB - Virtual size: 32KB

.itext
Size: 512B - Virtual size: 256B

.data
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 13KB

.idata
Size: 1024B - Virtual size: 1008B

.didata
Size: 512B - Virtual size: 292B

.edata
Size: 512B - Virtual size: 111B

.rdata
Size: 512B - Virtual size: 69B

.reloc
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 899KB - Virtual size: 899KB