0ea667ae4326b07597a574a852c00d68_JaffaCakes118

General

Target

0ea667ae4326b07597a574a852c00d68_JaffaCakes118
Size

104KB
MD5

0ea667ae4326b07597a574a852c00d68
SHA1

994921a8fc8ab298595b5803d59666b8dc6730ca
SHA256

91164b9921cac72aa337235b47e8ef3ffc47ae89d6882fa38766a734281bdb5f
SHA512

a2503c2a00ce04a847e3081958bb4da71ec7b2346ee0c66cf7be3592f4ee9f0dd2cdf283502bcd4256784141b00caf649b12796519328787acbf1cde24537bb1
SSDEEP

1536:ZyumiTZotWjSmhUQfSA44h+nGJy2hKSmu4wIAYW3IJX6I2Qe/w5Cy8IicSoCmjTe:8umiTGEzSChJctJ9Qgxq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ea667ae4326b07597a574a852c00d68_JaffaCakes118

Files

0ea667ae4326b07597a574a852c00d68_JaffaCakes118
.dll windows:4 windows x86 arch:x86

32dbc201eeacf46ccdd36c6b8b283462

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
LeaveCriticalSection
CloseHandle
DisconnectNamedPipe
ResetEvent
GetOverlappedResult
GetLastError
WriteFile
EnterCriticalSection
WaitForSingleObject
GetTickCount
ConnectNamedPipe
GlobalFree
DeleteCriticalSection
CreateEventA
InitializeCriticalSection
HeapSetInformation
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
VirtualProtect
GlobalAlloc
CreateNamedPipeA
GetCommandLineA

advapi32

FreeSid
SetServiceStatus
StartServiceCtrlDispatcherA

msvcr71

_except_handler3
_initterm
_XcptFilter
_cexit
_beginthreadex
exit
_amsg_exit
free
malloc
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32dbc201eeacf46ccdd36c6b8b283462

Headers

File Characteristics

Imports

kernel32

advapi32

msvcr71

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 4KB - Virtual size: 34KB

.rsrc Size: 44KB - Virtual size: 42KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 4KB - Virtual size: 34KB

.rsrc
Size: 44KB - Virtual size: 42KB

.reloc
Size: 4KB - Virtual size: 1KB