3e575ce205d2b5b5f3b3bda20fe7d74f_JaffaCakes118

General

Target

3e575ce205d2b5b5f3b3bda20fe7d74f_JaffaCakes118
Size

32KB
MD5

3e575ce205d2b5b5f3b3bda20fe7d74f
SHA1

b156cd473810745b46ec7f5b951637eb57ac53a5
SHA256

3454f14c0c4a9900fde1b5b2be9d588a071f0ce29baedd695cdae2eb21c1a33d
SHA512

32c4f9fc3ea2b1a5535fed104344b8d7b2102d15af1d54163f3fb6ad579670df5c094ebc8bcc7dc044e59e1d236404cf6fa81e277888ed2fc40f029d0c170aa6
SSDEEP

384:Sv2pPkgjqPckzYBiGESxf+IEOFfunjgH8bfEtwkDx:c2dkgjqhY7NZhX8EcoqGx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e575ce205d2b5b5f3b3bda20fe7d74f_JaffaCakes118

Files

3e575ce205d2b5b5f3b3bda20fe7d74f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

78d394180cd478235602c08fcebe7545

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetLastError
CreateMutexA
GetTickCount
GetEnvironmentVariableA
GetCommandLineA
GetVolumeInformationA
WaitForSingleObject
CreateThread
WaitForMultipleObjects
ResetEvent
SetUnhandledExceptionFilter
SetErrorMode
ExitThread
GetTempPathA
FindFirstFileA
CopyFileA
FindNextFileA
MoveFileA
FindClose
GetSystemTime
CreateFileA
VirtualAlloc
VirtualFree
WriteFile
ReadFile
SetFilePointer
Sleep
CreateEventA
GetVersionExA
GetSystemInfo
DeleteFileA
CreateToolhelp32Snapshot
Process32First
Process32Next
LoadLibraryA
GetProcAddress
FreeLibrary
SetFileAttributesA
GetComputerNameA

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegNotifyChangeKeyValue

msvcrt

strncat
fflush
_except_handler3
fprintf
_iob
memcmp
_getdiskfree
tolower
_initterm
_adjust_fdiv
fopen
fseek
ftell
fread
fwrite
fclose
strlen
strrchr
strcpy
srand
rand
exit
strncpy
strcat
malloc
memset
memcpy
free
strstr
_itoa

Exports

Exports

_start@16

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78d394180cd478235602c08fcebe7545

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 772B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 772B

.reloc
Size: 4KB - Virtual size: 1KB