2d93177d0e623903cad86cd1fc08e5c0_JaffaCakes118

General

Target

2d93177d0e623903cad86cd1fc08e5c0_JaffaCakes118
Size

32KB
MD5

2d93177d0e623903cad86cd1fc08e5c0
SHA1

188f9b3a132a6aee134e3f35ffbbffd828f5e0f8
SHA256

16eaa8b2367e0121b2cc289524cd45e8708009246d2ec23d67a0f6f9ab2f9083
SHA512

9d98f2cb40f641f835c03023405acccd429ed75e19f35659dd164d2e448be2dc67cadeeb83d48fe89b19a271f2e41063ce51b8e004e51e3faa35458e6bdebd6a
SSDEEP

192:LQXQsxVafPFFI44NDzzWkMgoIpoJ6C+gzDqK+Uwkx58jvrD8IZPIhfnF6vRgz:L4NWA44tCGm6CN+K+Xs5SAhfnF6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d93177d0e623903cad86cd1fc08e5c0_JaffaCakes118

Files

2d93177d0e623903cad86cd1fc08e5c0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d94206cbdbced4311df2e5dfcbd3fce9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsGetValue
WinExec
DeleteFileA
CloseHandle
TlsFree
HeapFree
TlsSetValue
HeapAlloc
GetProcessHeap
MapViewOfFile
GetLastError
CreateFileMappingA
CreateFileA
TlsAlloc
CreateDirectoryA
ExpandEnvironmentStringsA
GetSystemDirectoryA
GetVersionExA
WriteFile
SetFilePointer
CreateEventA
GetSystemInfo
UnmapViewOfFile
InterlockedExchange
WaitForSingleObject
InterlockedIncrement
GetCurrentThreadId
InterlockedCompareExchange
SetEvent
InterlockedDecrement

user32

wsprintfA

shell32

ShellExecuteExA

msvcrt

strftime
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
free
strncpy
malloc
__CxxFrameHandler
??2@YAPAXI@Z
strncat
??3@YAXPAX@Z
vsprintf
sprintf
_onexit
localtime
time
_CxxThrowException
__dllonexit

shlwapi

SHSetValueA
SHDeleteValueA
SHGetValueA

Exports

Exports

DM_DeleteTask
DM_DownloadAgain
DM_GetLastError
DM_GetTaskCount
DM_GetTaskInfo
DM_GetTimeStamp
DM_OpenTaskFile
DM_PauseTask
DM_ResumeTask
DM_SetTaskInfo

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d94206cbdbced4311df2e5dfcbd3fce9

Headers

File Characteristics

Imports

kernel32

user32

shell32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 992B

.reloc Size: 4KB - Virtual size: 916B

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 992B

.reloc
Size: 4KB - Virtual size: 916B