92582b79aa0250c48e2f51ce9ebc2b2f_JaffaCakes118

General

Target

92582b79aa0250c48e2f51ce9ebc2b2f_JaffaCakes118
Size

68KB
MD5

92582b79aa0250c48e2f51ce9ebc2b2f
SHA1

a74fdbd5b190a8d068be43974c730d49b579a33a
SHA256

faf2cb914b7dae79d221f92868084f679d03f5555cd684d005177e3b4baaab12
SHA512

4279d6800339256cb19e9a9393488f3f5504144fd5ab10ceb22a2ac31f9250c0f5724ef1404887b8361b7da496fa806efb6553bad3c18d306d345dd1b0ff2f31
SSDEEP

768:eAw7fB3yVC5DNmOToFyQNuvD7PQyT4lqwg/zjhS+gZR5fAtWDsr/zmvfT5:e9iVC5DtToFc7Ytl6OU1ravfT5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92582b79aa0250c48e2f51ce9ebc2b2f_JaffaCakes118

Files

92582b79aa0250c48e2f51ce9ebc2b2f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8c63d9231f6933c49eab7eafb5b82ae7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

memmove
malloc
realloc
free
isspace
isupper
_adjust_fdiv
_except_handler3
??3@YAXPAX@Z
__dllonexit
_onexit
tolower
_mbctype
isdigit
strncmp
atol
_stricmp
_findclose
_findnext
_findfirst
atoi
strchr
strtol
strncpy
_strnicmp
strtok
__CxxFrameHandler
rename
strrchr
sprintf
??2@YAPAXI@Z
printf
_purecall
_vsnprintf
_initterm
?terminate@@YAXXZ
_strlwr

kernel32

DisableThreadLibraryCalls
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
GetDriveTypeA
UnmapViewOfFile
MapViewOfFile
IsBadReadPtr
CreateFileMappingA
GetFileInformationByHandle
WriteFile
ReadFile
SetFilePointer
DeleteFileA
CreateFileA
GetLastError
CloseHandle
GetVersionExA
Sleep
CreateDirectoryA

user32

GetSystemMetrics
CharNextA

Exports

Exports

CanUnload
RMACreateInstance
RMAShutdown

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c63d9231f6933c49eab7eafb5b82ae7

Headers

File Characteristics

Imports

pncrt

kernel32

user32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB