389387efeeb224ede40e44d0978be38e_JaffaCakes118

General

Target

389387efeeb224ede40e44d0978be38e_JaffaCakes118
Size

272KB
MD5

389387efeeb224ede40e44d0978be38e
SHA1

e1391053e5b98411c86688f7e3039d14644a2b23
SHA256

65ed87890697ff9c2a67ee68b6eb82b88d8ceb140de8a9a1e5391a0f347f96e2
SHA512

d947c6b79acc13bd4e1cf2c38f980384a6caf81d32e49b5988539136a29642ee166f7acdf62b4c159600bdb6b8feabc7835d20a474f40bd3815b16708f2d8886
SSDEEP

6144:wSEUGJNLkCUeBjtn6d/ed0SRdATt3XMoDEnEi:wl0kJe/e2G6ZnDkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
389387efeeb224ede40e44d0978be38e_JaffaCakes118

Files

389387efeeb224ede40e44d0978be38e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

415fde3ef3d13b3c4503e0a61a8e3d2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DebugBreak
GetModuleFileNameA
Sleep
RaiseException
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
HeapAlloc
HeapReAlloc
HeapFree
DeleteFileA
MoveFileA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
SetUnhandledExceptionFilter
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
DisableThreadLibraryCalls
WriteFile
GetProcAddress
VirtualAlloc
IsBadWritePtr
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
FlushFileBuffers
CloseHandle
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
SetStdHandle

Exports

Exports

GetTouchstoneFactories

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

415fde3ef3d13b3c4503e0a61a8e3d2c

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 736B

.reloc Size: 8KB - Virtual size: 5KB

.text Size: 152KB - Virtual size: 152KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 736B

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 152KB - Virtual size: 152KB