3266de4e555a341849f4066c78d8e800_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3266de4e555a341849f4066c78d8e800_JaffaCakes118
Size

42KB
MD5

3266de4e555a341849f4066c78d8e800
SHA1

8849261e6d214b465257fd0ba68dd6b862e58037
SHA256

bf2024484e939fb7de93b9e4c288fba0088b63a35cbe627b28baff2164042ed0
SHA512

ded086049eca53b47e0540fce426e6e709871351e826b58934f55a494096542abcd2e863a2815811df627295b1ff0396440b685412ab545e55ff736d79a6307d
SSDEEP

768:zO8ojNrOKbGPr/sYqtssZ7P7/fOLk5WQCoJbfp/lIgug1dZ5fiMDEcUHIxyi:q8uO6vYqts+7PLOLkrCoVfpZugDbEHMy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3266de4e555a341849f4066c78d8e800_JaffaCakes118

Files

3266de4e555a341849f4066c78d8e800_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e6e00f4c0d58cc356384192ab7a38e0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

pdb.pdb

Imports

kernel32

GetStringTypeA
lstrlenW
LCMapStringA
CreateFileA
UnmapViewOfFile
WaitForSingleObject
LocalFree
IsDBCSLeadByte
DeleteFileA
VirtualProtect
CreateMutexA
VirtualAlloc
GetStringTypeW
MultiByteToWideChar
HeapDestroy
SetFileTime
TlsAlloc
WriteFile
CreateFileW
SetHandleCount
CreateFileMappingW
MapViewOfFile
FreeEnvironmentStringsW
DisableThreadLibraryCalls
GetTickCount
GetStartupInfoA
GetSystemTimeAsFileTime
Sleep
OpenFileMappingA
VirtualFree
InitializeCriticalSectionAndSpinCount
GetFileSize
CloseHandle
HeapCreate
GetFullPathNameW
TerminateProcess
GetACP
GetStringTypeExA
QueryPerformanceCounter
DeleteFileW
lstrcmpA
InterlockedDecrement
HeapFree
FlushViewOfFile
WideCharToMultiByte
CreateMutexW
MoveFileA
GetEnvironmentVariableA
VirtualQuery
UnhandledExceptionFilter
HeapReAlloc
GetCurrentProcess
GetDiskFreeSpaceW
GetVersionExA
GetLastError
GetStdHandle
InitializeCriticalSection
InterlockedIncrement
GetFullPathNameA
OpenFileMappingW
TlsFree
GetCPInfo
GetSystemInfo
TlsGetValue
GetCurrentProcessId
ReleaseMutex
GetCurrentThreadId
GetProcAddress
FreeEnvironmentStringsA
GetLocaleInfoA
MoveFileW
IsBadReadPtr
SetFilePointer
GetEnvironmentStrings
LeaveCriticalSection
GetOEMCP
HeapAlloc
lstrlenA
CreateFileMappingA
GetFileType
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetDiskFreeSpaceA
InterlockedExchange
DeleteCriticalSection
lstrcmpiA
CreateThread
EnterCriticalSection
CompareFileTime
SetEvent
SetEndOfFile
LocalAlloc
FreeLibrary
LoadLibraryA
CreateEventA
SetLastError
MoveFileWithProgressA

Exports

Exports

sgwi

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6e00f4c0d58cc356384192ab7a38e0a

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 552B

.text
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 552B