359c433a0c3ef475202bc2982effe777_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

359c433a0c3ef475202bc2982effe777_JaffaCakes118
Size

188KB
MD5

359c433a0c3ef475202bc2982effe777
SHA1

44e0383af10b6448c041c5713fa3379b9ef5772d
SHA256

587d27be406351d87488b67eb7d1df4ad3c981bb13d57540df036696f86bcf9d
SHA512

1329e3bcb5a8d5cf84897383640390648ac40f0b62c5fa2f08e28a993876435833349f9b88adb97c23f15ffd0c89b396226a62c323e679398111a42cc9f28708
SSDEEP

3072:fzfmoI4+bMYACxtBIdu1pLlF/FA1lWwKPWVfGS:fzeoI7qu1pjnWVfl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
359c433a0c3ef475202bc2982effe777_JaffaCakes118

Files

359c433a0c3ef475202bc2982effe777_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bfd2fd3320f614f5453b457f58d36097

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
GetLastError
WaitForSingleObject
MultiByteToWideChar
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InterlockedIncrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
RtlUnwind
InitializeCriticalSection
IsValidCodePage
GetCurrentProcessId
lstrlenA
CloseHandle
ResetEvent
CreateEventW
SetEvent
SetStdHandle
InterlockedDecrement
RaiseException
GetVersionExA
GetTickCount
GetProcAddress
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetCurrentThreadId
GetCommandLineA
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetOEMCP

ole32

CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoTaskMemFree

oleaut32

VariantClear

Exports

Exports

_AvisynthPluginInit2@4

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bfd2fd3320f614f5453b457f58d36097

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 12KB

.reloc Size: 8KB - Virtual size: 6KB

.text Size: 88KB - Virtual size: 88KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 12KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 88KB