24c46eea1fb9e4e26a9e3c3a64f2dbdb_JaffaCakes118

General

Target

24c46eea1fb9e4e26a9e3c3a64f2dbdb_JaffaCakes118
Size

444KB
MD5

24c46eea1fb9e4e26a9e3c3a64f2dbdb
SHA1

6fd8175b45e3d6249eda7ee4183e7c70660471ba
SHA256

c43bf78a7b84707dd6dca85d7d34fb1a60f3f472178e780a436f6d52d7083e56
SHA512

420e8b1bbf79f04c8e9aefd4e12c355535de746392e9538b2dbd4b683283ff15d519f475b9fb33456f7b8b55f99f45f4a6a38a43bfa3db52339dbdaefb5f2823
SSDEEP

6144:3N7uskD3MdbxOAAbRabvIe7k4ZSSm+GDBueaFa1mz:s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24c46eea1fb9e4e26a9e3c3a64f2dbdb_JaffaCakes118

Files

24c46eea1fb9e4e26a9e3c3a64f2dbdb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0bde0d03adba3c969669d00f87ec6d40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetProcessHeap
HeapAlloc
VirtualAlloc
VirtualFree
VirtualProtect
IsBadReadPtr
HeapFree
GetLastError
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

CC_MSWinLeventMngment_1
CC_MSWinLoffMngment1
CC_SetWinName
CC_WinSysSet

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 388KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bde0d03adba3c969669d00f87ec6d40

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 388KB - Virtual size: 390KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 388KB - Virtual size: 390KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 4KB