3be8f86130e531e1475609ffbca81c92_JaffaCakes118

General

Target

3be8f86130e531e1475609ffbca81c92_JaffaCakes118
Size

478KB
MD5

3be8f86130e531e1475609ffbca81c92
SHA1

f546b09f1b177792261abe73f6478df1170da9cb
SHA256

88fc94e465128551e2337908aee1fb9d410fec913bda918ce93ed2561aed8013
SHA512

1f7f8c7cd8b8834fb50e7b4e4490d4b1e28ca28302d24c19408b12aff3118f36bb1ec6ba5d382b41d003f3cc83f68a38fc124cf16e39f2e092c2151a13299ba0
SSDEEP

12288:BTNJZzdY3qgo0IqFN1AWGmkETmT4gifXkd1h6umSfcEiP/3IWVB/uxwcTvG:RNJZzdY3qSuETmkgJQV/9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be8f86130e531e1475609ffbca81c92_JaffaCakes118

Files

3be8f86130e531e1475609ffbca81c92_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3a50c1f7c117a10b03baf5a1025d7de0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CreateSemaphoreA
FindAtomA
GetAtomNameA
GetLastError
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

msvcrt

_fdopen
_read
_strdup
_write
__dllonexit
__mb_cur_max
_assert
_ctype
_errno
_filelengthi64
_fstati64
_iob
_isctype
_lseeki64
_pctype
_strnicmp
_vsnprintf
abort
fclose
fflush
fgetpos
fopen
fprintf
fread
free
fsetpos
fwrite
getc
localeconv
malloc
memchr
memcpy
memmove
memset
putc
setlocale
setvbuf
strcmp
strcoll
strcpy
strftime
strlen
strtod
strxfrm
ungetc

Exports

Exports

_Z5Hellov

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a50c1f7c117a10b03baf5a1025d7de0

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 246KB - Virtual size: 246KB

.data Size: 1024B - Virtual size: 656B

.rdata Size: 10KB - Virtual size: 9KB

.bss Size: - Virtual size: 18KB

.edata Size: 512B - Virtual size: 144B

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 246KB - Virtual size: 246KB

.data
Size: 1024B - Virtual size: 656B

.rdata
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 18KB

.edata
Size: 512B - Virtual size: 144B

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 16KB