45a89a6a75020e51efe0353c43c3c03a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45a89a6a75020e51efe0353c43c3c03a_JaffaCakes118
Size

76KB
MD5

45a89a6a75020e51efe0353c43c3c03a
SHA1

96df1219ba2b8b3c27a1a7860ee18b80b1ce6b3a
SHA256

8ffb0ec2fe6303af22c6b1c8cc78685af063b76214ae04ffdc63a89706661df7
SHA512

ab22feae7b2a81b4f5b233f456cd0c3739023f607765a5dcc2ca683f1b20df235d51f23f9ed05017f4e4cf03b65114b153ce2e6fd04e20e23734dad81e898f96
SSDEEP

1536:lSa8htfuIH/2LPRV9seWlMtB9kh5qABXp/cViWN7I:lSa873fiZfsQ5kh5BB5/rWN7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45a89a6a75020e51efe0353c43c3c03a_JaffaCakes118

Files

45a89a6a75020e51efe0353c43c3c03a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

63898381f60f7063a5a8dfb339fd5ea1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

pdb.pdb

Imports

kernel32

GetVersionExA
FreeLibrary
LocalAlloc
GetEnvironmentVariableA
GetFileSize
DeleteCriticalSection
SetEndOfFile
EnterCriticalSection
SetLastError
GetSystemInfo
WideCharToMultiByte
SetFileTime
HeapReAlloc
LocalFree
VirtualAlloc
GetCPInfo
CreateEventA
GetCurrentProcessId
HeapFree
VirtualQuery
GetFullPathNameW
CreateFileW
FlushViewOfFile
GetEnvironmentStrings
GetCurrentProcess
IsDBCSLeadByte
GetLocaleInfoA
lstrcmpiA
DisableThreadLibraryCalls
TlsFree
GetSystemTimeAsFileTime
DeleteFileA
CreateThread
SetFilePointer
CreateFileA
DeleteFileW
HeapDestroy
GetStringTypeExA
GetDiskFreeSpaceW
GetStdHandle
InitializeCriticalSection
CloseHandle
HeapCreate
ReleaseMutex
InitializeCriticalSectionAndSpinCount
VirtualProtect
GetStartupInfoA
UnhandledExceptionFilter
CreateMutexA
TlsGetValue
GetDiskFreeSpaceA
GetStringTypeA
GetCurrentThreadId
MultiByteToWideChar
WaitForSingleObject
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
MoveFileA
VirtualFree
CreateFileMappingA
SetEvent
GetEnvironmentStringsW
GetLastError
CreateFileMappingW
LeaveCriticalSection
GetStringTypeW
InterlockedDecrement
TerminateProcess
MoveFileW
LCMapStringA
TlsAlloc
GetFullPathNameA
WriteFile
GetProcAddress
lstrcmpA
OpenFileMappingW
GetACP
GetFileType
QueryPerformanceCounter
Sleep
OpenFileMappingA
UnmapViewOfFile
SetHandleCount
CompareFileTime
lstrlenA
CreateMutexW
InterlockedExchange
LoadLibraryA
InterlockedIncrement
FreeEnvironmentStringsW
lstrlenW
HeapAlloc
MapViewOfFile
GetOEMCP
IsBadReadPtr
GetTickCount
MoveFileWithProgressA

Exports

Exports

dplnbyhl

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63898381f60f7063a5a8dfb339fd5ea1

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 552B

.text
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 552B