295a7d43093342c4d3b7e1ccb349e2ad_JaffaCakes118

General

Target

295a7d43093342c4d3b7e1ccb349e2ad_JaffaCakes118
Size

43KB
MD5

295a7d43093342c4d3b7e1ccb349e2ad
SHA1

239fc5f4ea7cd57ea494644609ca7ad301bf0c50
SHA256

593d2ab5a7b31ece010d547329e415119140c165eb16d26d56f5cacaaccd231a
SHA512

4d8b95edb3b42212d88ae0c9cbc27f9152cb067100fe6fc41d55e8400d61f80eafc280a07a6f49cf76dbd252053cf57bdcaf921da99787dda89f199848cb0fbc
SSDEEP

768:T51oEk5iJxLY2pm9rAdAIzKUOjpMeW+G+NNOAYcyauLfihXJC:TLoZ2npFXOFMeW0NMjLfqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
295a7d43093342c4d3b7e1ccb349e2ad_JaffaCakes118

Files

295a7d43093342c4d3b7e1ccb349e2ad_JaffaCakes118
.dll windows:4 windows x86 arch:x86

285dc193bc7dd9deed82fa87da123de1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetTickCount
CopyFileA
DeleteFileA
FreeLibrary
GetModuleHandleA
FindFirstFileA
GetModuleFileNameA
GetCurrentProcessId
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetProcAddress
MultiByteToWideChar
LoadLibraryA
CreateFileMappingW
GetVersion
GetSystemTime
FileTimeToSystemTime
GetFileTime
LoadLibraryExA
lstrlenW
lstrlenA
GetCurrentProcess
DuplicateHandle
WaitForSingleObject
CreateRemoteThread
WideCharToMultiByte
IsBadReadPtr
GetSystemDirectoryA

msvcrt

free
sprintf
strlen
strcpy
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
strcat
malloc
_stricmp
memset
_strdup
strncmp
_snprintf
_initterm
_adjust_fdiv
_strlwr

Exports

Exports

input

Sections

.code
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000397F
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

285dc193bc7dd9deed82fa87da123de1

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.code Size: 21KB - Virtual size: 24KB

.idata Size: 3KB - Virtual size: 4KB

0000397F Size: 14KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.code
Size: 21KB - Virtual size: 24KB

.idata
Size: 3KB - Virtual size: 4KB

0000397F
Size: 14KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB