22d873f7e27d376d2873e1cdd7b649ac_JaffaCakes118

General

Target

22d873f7e27d376d2873e1cdd7b649ac_JaffaCakes118
Size

52KB
MD5

22d873f7e27d376d2873e1cdd7b649ac
SHA1

501acf0688e4639343d08219a3605c0c77afcd14
SHA256

d99600a679f912bc897800db8f0e36bf24f287c38422bd6a17f28b45b3a7ad1e
SHA512

a6dd06d6adc43df88b80dda5abaf5ce5e95b7abd40b0e3a994f5ae2ed220e8f1b33957631a430d235818fe9552d74dce172e60f5f08691a93f175694522b474b
SSDEEP

768:NCQ8l2Fet/kwvEjN1Sgc7KT3FfG1EI26WDG2f9m4VzziOyKoDo8hfbvK:NCQ8lGfjiz7KT3FfNI4G2Q4Ano8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22d873f7e27d376d2873e1cdd7b649ac_JaffaCakes118

Files

22d873f7e27d376d2873e1cdd7b649ac_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ae1375ed637fc5569cd77c95d8ddc729

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessW
CreateProcessA
InitializeCriticalSection
GetProcAddress
GetLastError
GetModuleHandleA
SetLastError
LeaveCriticalSection
EnterCriticalSection
VirtualProtect
VirtualQuery
DeleteCriticalSection
GetProfileStringA
DisableThreadLibraryCalls
WideCharToMultiByte
FreeEnvironmentStringsW
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
CloseHandle
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetModuleFileNameA
RtlUnwind
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetStdHandle
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
CreateFileA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetFilePointer
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

FindWindowA
PostMessageA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae1375ed637fc5569cd77c95d8ddc729

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 3KB