06e47f34fa3aea352d3cba081c8bc463_JaffaCakes118

General

Target

06e47f34fa3aea352d3cba081c8bc463_JaffaCakes118
Size

124KB
MD5

06e47f34fa3aea352d3cba081c8bc463
SHA1

ef14674fec1a368c179843ef16253214f776ee50
SHA256

d6d8b5f80d126e0f97a1c238006c2d0819b78f87a87e367530f78b2dbb65cc1c
SHA512

cfd2b00f7cbaa96da17b7fdf2b2661bb08944084717ebc4b6f0856683d9cda6e4c7b90824c05b9f73d3851da2389fa669333338b89949c3bc4e66b8b0fc9ed57
SSDEEP

3072:h+oS8FpHmp0AZDFQj7J9epz22xOQwziDOFnI658lylU:h+oLHalmj19Ki2xDw7T8M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06e47f34fa3aea352d3cba081c8bc463_JaffaCakes118

Files

06e47f34fa3aea352d3cba081c8bc463_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7f975110b089448fc6b29065cd9b242f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
SetHandleCount
GetFileType
SetStdHandle
CloseHandle
SetFilePointer
LoadLibraryA
VirtualAlloc
FlushFileBuffers
HeapAlloc
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
lstrcpyA
HeapFree
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
WriteFile
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection

ltkrn11n

ord134
ord192
ord189
ord179
ord163
ord174
ord190
ord188
ord191

Exports

Exports

DllMain
fltInfo
fltLoad
fltSave

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f975110b089448fc6b29065cd9b242f

Headers

File Characteristics

Imports

kernel32

ltkrn11n

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 8KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 8KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 1KB - Virtual size: 1KB