30c7bd60a430793ecdd2f2c0ec620d82_JaffaCakes118

General

Target

30c7bd60a430793ecdd2f2c0ec620d82_JaffaCakes118
Size

86KB
MD5

30c7bd60a430793ecdd2f2c0ec620d82
SHA1

725efd9c39aca588cfc861e2e59d4897e101612c
SHA256

a44d9dc68733fef8cdcd9d7df39c3b4b40e1bbeaa90fbf715a859616aca11f9d
SHA512

297d7fd19d88fcd43e28ad3c9d91eee09f4af0700ea2b04407329961c64b651ee0e010893b3d47ebf3a48b0baeb15d28db0b8d31c439c5f03e5bc9abba195f06
SSDEEP

1536:Eni06imMEbEzh3Y07YpG4IpfTT+8Ddg3UnQCBcypnbD13rLt8jot:Ei06irEwVMrCT5gEnQCB1b95t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30c7bd60a430793ecdd2f2c0ec620d82_JaffaCakes118

Files

30c7bd60a430793ecdd2f2c0ec620d82_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6211c62af23d51137f0c6f173b823ed2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileType
GetStdHandle
lstrcpyA
CloseHandle
FlushFileBuffers
SetStdHandle
LoadLibraryA
VirtualAlloc
HeapAlloc
HeapFree
SetFilePointer
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
WriteFile
GetLastError
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte

ltkrn12n

ord192
ord128
ord163
ord190
ord189
ord188
ord191
ord280
ord281

Exports

Exports

DllMain
fltInfo
fltLoad
fltSave

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6211c62af23d51137f0c6f173b823ed2

Headers

File Characteristics

Imports

kernel32

ltkrn12n

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 9KB

.idata Size: 57KB - Virtual size: 57KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB