089f4cae25a8bcf1d4c8c111079134ec_JaffaCakes118

General

Target

089f4cae25a8bcf1d4c8c111079134ec_JaffaCakes118
Size

397KB
MD5

089f4cae25a8bcf1d4c8c111079134ec
SHA1

1e9db21877a68dfbed861c259f2b9dc2e6e527ed
SHA256

419d5faf25eb003d3302aece77a5976388180ef5560c2bd7163d610a81012921
SHA512

951d082365226500ba9cc86d23836b4fb931f64545723691dc078f0a8bb514c464a6d17796c01c641b3d1f278e21d9afea0e036a8e3002dd8e0fb7a939d3ee51
SSDEEP

12288:pTojopV4Iu9zC3yY/Q9DRnObkKOqeAGWi0:peIuZLqeAGWi0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
089f4cae25a8bcf1d4c8c111079134ec_JaffaCakes118

Files

089f4cae25a8bcf1d4c8c111079134ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a2698f83518cf53c17eb454bedadac18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
CloseHandle
WriteFile
CreateFileA
ExitProcess
GetLastError
CreateDirectoryA
ReadFile
SetFilePointer
DeleteFileA
MoveFileExA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetModuleHandleA
HeapAlloc
GetCommandLineA
HeapFree
GetVersionExA
GetProcessHeap
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
InitializeCriticalSection
RtlUnwind
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
MultiByteToWideChar
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile

shell32

SHGetFolderPathA

Exports

Exports

_DllMain@12

Sections

.text
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2698f83518cf53c17eb454bedadac18

Headers

File Characteristics

Imports

kernel32

shell32

Exports

Exports

Sections

.text Size: 374KB - Virtual size: 373KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 5KB - Virtual size: 12KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 374KB - Virtual size: 373KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 5KB - Virtual size: 12KB

.reloc
Size: 6KB - Virtual size: 5KB