2643e6becdd2068a628fd3b6cbe9d306_JaffaCakes118

General

Target

2643e6becdd2068a628fd3b6cbe9d306_JaffaCakes118
Size

228KB
MD5

2643e6becdd2068a628fd3b6cbe9d306
SHA1

a704e60f3c309a02083793b3072b0bf21a08eb59
SHA256

7fade5464ea5c61bc95042326772bae046c44ed8a4f2556ed2e3a72a7bde76dc
SHA512

74472023018b7e4049ff494f0cb2c11783a49172b7d2e51f353c5dde441856ec7e1830d7220f680509d4558caf8466f209966161bcfe395e68ed7b792e470b19
SSDEEP

3072:N7dRJHCfoDHzD3hq2q7FMlZKNotiWafA+RSabVo3T42FXzZig3dAiL1zG:hJdHXhq5VYaf/SgVWsgpjLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2643e6becdd2068a628fd3b6cbe9d306_JaffaCakes118

Files

2643e6becdd2068a628fd3b6cbe9d306_JaffaCakes118
.dll windows:4 windows x86 arch:x86

db50068397dc1d85b178019504c5981b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
SetFilePointer
WritePrivateProfileStringA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
DeleteFileA
GetPrivateProfileStringA
HeapReAlloc
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetLastError
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
InterlockedDecrement
InterlockedIncrement
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

shlwapi

PathFileExistsA

Exports

Exports

CheckRule
LoadDatabase

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db50068397dc1d85b178019504c5981b

Headers

File Characteristics

Imports

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 188KB - Virtual size: 205KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 188KB - Virtual size: 205KB

.reloc
Size: 4KB - Virtual size: 3KB