6947ee4228ab808e9c91d9d6cd7f6f21_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6947ee4228ab808e9c91d9d6cd7f6f21_JaffaCakes118
Size

375KB
MD5

6947ee4228ab808e9c91d9d6cd7f6f21
SHA1

006fee40df6b2908d5a6a945fd47ddfe2f32f533
SHA256

2558251e3f8705e621bf2749648c77dce391f3cc870aac9a6fd7119ce79103a2
SHA512

f8c9618ad79a6b0ac574f59e6d06b8e56b037bd5f388122acc66928e2db913e1630fcd3f92078e53913fab71aaa680968c20be0ecc0f0375fc93a373280b6e8c
SSDEEP

6144:sBhX1VLyXidI3XtbNtNjrMUdVMuWVYgneflcVBMYU9ieIRQOHe1itiU4pN1jg:MhXLLyXii3XTTjgSV7W5n97uieILHe1J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6947ee4228ab808e9c91d9d6cd7f6f21_JaffaCakes118

Files

6947ee4228ab808e9c91d9d6cd7f6f21_JaffaCakes118
.dll windows:5 windows x86 arch:x86

506ee0dcf6be078c5b781c66607c291c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\rich\me\Little\Cut\Cook\mass\steam\modernWere.pdb

Imports

kernel32

Sleep
GetSystemDirectoryA
GetModuleFileNameA
VirtualProtect
GetTempPathA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
EncodePointer
DecodePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
GetLocaleInfoW
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
LoadLibraryW
WriteConsoleW
SetStdHandle
CreateFileW

Exports

Exports

@Thererock@0

Sections

.text
Size: 289KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

506ee0dcf6be078c5b781c66607c291c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 289KB - Virtual size: 288KB

.data Size: 75KB - Virtual size: 184KB

.rsrc Size: 1024B - Virtual size: 916B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 289KB - Virtual size: 288KB

.data
Size: 75KB - Virtual size: 184KB

.rsrc
Size: 1024B - Virtual size: 916B

.reloc
Size: 9KB - Virtual size: 8KB