0d64307c428d5e872dbb459b46639178_JaffaCakes118

General

Target

0d64307c428d5e872dbb459b46639178_JaffaCakes118
Size

28KB
MD5

0d64307c428d5e872dbb459b46639178
SHA1

4218d4d4bc2b3b50fa29a55a64d44ed055d705b8
SHA256

1129aa3396119b2f326a08fd850a5a1739a57657bce7963f9e6546e415159a20
SHA512

a250476d7ee7926bdfa61f030f00c81324a91567cf0b27bb72d118f348ca28602ed26ee7e9fbc0bcde00a9089c4984c77725f65bc96910da9c8dd2d989659194
SSDEEP

768:Zql05F+1zxlwfPNCtQD/QkNKayVc8dAw2b2:Vk9lw3wtQD/TYq8dT2b2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d64307c428d5e872dbb459b46639178_JaffaCakes118

Files

0d64307c428d5e872dbb459b46639178_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cefa32e354defaba91096901128ec0e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Module32Next
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
VirtualQuery
WriteProcessMemory
GetCurrentProcess
VirtualProtect
LoadLibraryA
lstrlenA
GetVersionExA
GetLocalTime
lstrcpynA
GetProcessTimes
Sleep
CreateProcessA
GetLastError
CloseHandle
lstrcatA
lstrcpyA
GetComputerNameA
WriteFile
CreateFileA
ReadFile
GetFileSize
RaiseException
CreateDirectoryA
DeleteFileA
GetSystemDirectoryA
GetTickCount
ExitProcess
GetCommandLineA
SetFilePointer
GetSystemTime
GetSystemInfo
GetModuleHandleA
GetProcAddress
GlobalAlloc
RtlUnwind
GlobalFree
lstrcmpiA
SetLastError
CreateMutexA
GetModuleFileNameA

advapi32

RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegCloseKey

ole32

CoCreateGuid
StringFromCLSID

Exports

Exports

ControlProc

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cefa32e354defaba91096901128ec0e9

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 3KB - Virtual size: 4KB

Shared Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 3KB - Virtual size: 4KB

Shared
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB