2d1134a7d2dfc9fe9ef1baf069102f5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d1134a7d2dfc9fe9ef1baf069102f5e_JaffaCakes118
Size

16KB
MD5

2d1134a7d2dfc9fe9ef1baf069102f5e
SHA1

33255f098c4f52ad1c3c698f289de5c03b18b7da
SHA256

5819b2af00a2b639828d878e71e5204ef6fb50c84d8f74a3e84d46d45bb97847
SHA512

8ef11980f5e955c796f6492e7db8a671c716beab5ae4f880395cb10dd9dfb26398b7d05551c340a8de15ea7567733c6445f404d718938b1404d127cc77fdbf93
SSDEEP

192:tdxN/SbJRIRlLkwjC7TEUs0xlf8rkLQYLVNQJ2ZN9Qutd3X3PG26+EGAQ:SaLkwjC7Tl9xlE3UKJ2ZN9QuthnPGbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d1134a7d2dfc9fe9ef1baf069102f5e_JaffaCakes118

Files

2d1134a7d2dfc9fe9ef1baf069102f5e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d9f27b285954cca6a8714c3b87409a68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetCurrentProcess
Sleep
FlushInstructionCache
DisableThreadLibraryCalls
VirtualProtect
CreateThread
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
QueryPerformanceCounter

user32

GetAsyncKeyState
SetWindowLongA
MessageBoxA
GetClassNameA

msvcr100

_localtime64
fclose
_time64
strftime
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
srand
rand
fprintf
fopen
fgets
feof
sprintf
_malloc_crt

Exports

Exports

_DllMain@12

Sections

.code
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

00000074
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

00000200
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d9f27b285954cca6a8714c3b87409a68

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcr100

Exports

Exports

Sections

.code Size: 8KB - Virtual size: 12KB

.idata Size: 3KB - Virtual size: 4KB

00000074 Size: 512B - Virtual size: 4KB

00000200 Size: 512B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.code
Size: 8KB - Virtual size: 12KB

.idata
Size: 3KB - Virtual size: 4KB

00000074
Size: 512B - Virtual size: 4KB

00000200
Size: 512B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB