2ba4a6aa791fe305af1c86247308f372_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ba4a6aa791fe305af1c86247308f372_JaffaCakes118
Size

152KB
MD5

2ba4a6aa791fe305af1c86247308f372
SHA1

1ce966da078da3df50433ed4722afbbb9c6a05b1
SHA256

a8708e49e1079d13f895422af55aebde6d07297f93d1b5e1634ffeedcb941438
SHA512

d3e60afc640b6c1ac452d9e73218c4f0532e40c0c4b029beb936e242c4c2b38bd0798be6423dddf93ac837d7d1179151931e8427405d139fd668c5e3caec68dd
SSDEEP

3072:Uh6fCczbI367AEowF6kKnuHc5HFYd2y8YaJV/yhLHg:86fNbIUAKlKuHelq25

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba4a6aa791fe305af1c86247308f372_JaffaCakes118

Files

2ba4a6aa791fe305af1c86247308f372_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0f2f6d3623f3e64c6300e102a4baac86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
GetProcAddress
GetModuleHandleA
EnterCriticalSection
DeleteCriticalSection
ReadFile
SetFilePointer
WriteFile
GetLastError
LoadLibraryA
GetModuleFileNameA
LoadLibraryExA
GetVersionExA
CloseHandle
CreateFileA
DeviceIoControl
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
GetCurrentProcess
HeapReAlloc
LeaveCriticalSection
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle

user32

GetKeyboardType
wsprintfA

Exports

Exports

Ox77F052CC
_DllMain@12

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt2
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f2f6d3623f3e64c6300e102a4baac86

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.txt Size: 34KB - Virtual size: 34KB

.txt2 Size: 45KB - Virtual size: 44KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 14KB - Virtual size: 22KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 47KB

.txt
Size: 34KB - Virtual size: 34KB

.txt2
Size: 45KB - Virtual size: 44KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 14KB - Virtual size: 22KB

.reloc
Size: 4KB - Virtual size: 4KB