258aff130ba20392da70e6b619da4fa2_JaffaCakes118

General

Target

258aff130ba20392da70e6b619da4fa2_JaffaCakes118
Size

85KB
MD5

258aff130ba20392da70e6b619da4fa2
SHA1

4a17aaab45d793f6243b5a2b214b52b89cc178e2
SHA256

36df54b9a21b622027e62d1ec1eb66cec0bbd38406c753609d4328147fd9426a
SHA512

8ee1ba1d07800bd9a2e6223d1f60cf645c6d10a726d4d25d068fa51d8ad7d95e7f505575a2fd5b1b6283bb723629cc465a7fd2797be1b7d1bb2991c2f1a0c134
SSDEEP

384:wzvzSl40R0LwI8WeeVX3qK6F36V4ZwAl4bJ/7L+cjyAC8x/WL4ptMQY8YW:Azb2WLH6o4O4qJ/HjX/x/B3Md

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
258aff130ba20392da70e6b619da4fa2_JaffaCakes118

Files

258aff130ba20392da70e6b619da4fa2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

598057cd1e1c4d139b169b27c22fe883

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
ExitProcess
TerminateProcess
VirtualAlloc
HeapAlloc
LoadLibraryA
WriteFile
WideCharToMultiByte
HeapFree
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetCPInfo
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
GetStartupInfoA
GetCommandLineA
GetProcAddress
GetModuleHandleA
lstrcpyA
VirtualFree
GetCurrentProcess
HeapDestroy
HeapCreate
SetHandleCount

ltkrn13n

ord201
ord116
ord129
ord192
ord188
ord123
ord189
ord282
ord134
ord101
ord100
ord131
ord312
ord125
ord137
ord141
ord190
ord283
ord191

Exports

Exports

DllMain
fltDeletePage
fltInfo
fltLoad
fltSave

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 914B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

598057cd1e1c4d139b169b27c22fe883

Headers

File Characteristics

Imports

kernel32

ltkrn13n

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 57KB - Virtual size: 56KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 914B

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 57KB - Virtual size: 56KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 914B