742c9e7a0a14f72abf0d0920b066b287_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

742c9e7a0a14f72abf0d0920b066b287_JaffaCakes118
Size

117KB
MD5

742c9e7a0a14f72abf0d0920b066b287
SHA1

7e0944d7820ddc1292ccc6b22d9d8484204eff36
SHA256

a313c0abdf34340c856e0d3b9688f7353fe2c44a051268fa5c279774606ce7a4
SHA512

78760f792e3b0d4f1ead14af66647b18c4385cafb7fb080dcb6ed4e4ca8dbd93af8952c8f2f56f80bbf91f6af5bf8f8a4ae79b098902b55618601c215e8fbf1e
SSDEEP

1536:Fg9XNpR4q0Oq7NrocEUBO+VBJ0a1sKT+EEz1Tf7TaJM4WHPwy7eeS80G9qsW4dkr:OR/0bhrts+XOaCKT+BzVfvaJM4kTNvk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
742c9e7a0a14f72abf0d0920b066b287_JaffaCakes118

Files

742c9e7a0a14f72abf0d0920b066b287_JaffaCakes118
.dll windows:5 windows x64 arch:x64

6f35de51ce0a5d3b8536d2a97ecf2a8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter
ExitThread
RaiseException
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryExA
MultiByteToWideChar
WideCharToMultiByte
Sleep
GetSystemTime
SystemTimeToFileTime
ReadFile
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
RtlUnwindEx
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
CloseHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
GetConsoleCP
GetProcessHeap
GetModuleHandleExW
GetModuleFileNameW
SetLastError
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetStdHandle
FlushFileBuffers
WriteConsoleW
CreateFileW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
GetStringTypeW
SetEndOfFile
HeapSize
LCMapStringW

Exports

Exports

DeinitServerExtension
InitServerExtension
ReflectiveLoader

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f35de51ce0a5d3b8536d2a97ecf2a8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 6KB - Virtual size: 15KB

.pdata Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 6KB - Virtual size: 15KB

.pdata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB