46353a282d0036de5ad04933aa18f97c_JaffaCakes118

General

Target

46353a282d0036de5ad04933aa18f97c_JaffaCakes118
Size

166KB
MD5

46353a282d0036de5ad04933aa18f97c
SHA1

64e79097c384ceb79441af58586cc0b34c4b0409
SHA256

2296d5a10106359e59900ab096172239dd72751de181b9718586c68305faf81f
SHA512

20a0d966715e68ba3b9d62d521f19108bfb8b02cb8177a3602c648e31ab483776d1bf14adfe77b20c91441906f93fbff18380ab59d15f3b6d32c69fbae574e49
SSDEEP

3072:L7AknkTA8k3IsBrfa3jbaZSeTutjY9HBrMLxXEQ1RqBwzyGj1Lb/mne:Ik4E+bagehBrMLxT1d/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46353a282d0036de5ad04933aa18f97c_JaffaCakes118

Files

46353a282d0036de5ad04933aa18f97c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

04d3cf08b0ebaf055939c4cf14930579

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileMappingA
DeviceIoControl
DuplicateHandle
ExitProcess
FatalAppExitA
FindResourceA
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetConsoleMode
GetCurrentProcess
GetDriveTypeA
GetModuleHandleA
GetOEMCP
GetProcessWorkingSetSize
GetStartupInfoA
GetStringTypeA
GlobalReAlloc
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
RtlUnwind
SetErrorMode
SetLastError
SetUnhandledExceptionFilter
lstrcmpA
lstrcmpiA
lstrcpynA

msvcrt

__p__commode
__set_app_type
exit
free
__getmainargs

user32

InvalidateRgn
GetSysColorBrush
BeginPaint
CloseClipboard
GetUserObjectSecurity

ole32

StringFromGUID2
CoCreateInstance

Exports

Exports

CaptureDeviceDialog
CaptureFrame
CheckForUpdatesSync
FlushWZCDbLog
GetModeForAdapter
GetUpdateCount
ServerGetApplicationType
SetupSave
StopStreaming
TabbedTextOutWCP_ME
W32N_IoctlNdisQueryGlobalStats
W32N_OSGetPlatformVersion
XFromIchRaw2

Sections

.text
Size: 86KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d3cf08b0ebaf055939c4cf14930579

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

Exports

Exports

Sections

.text Size: 86KB - Virtual size: 184KB

.data Size: 77KB - Virtual size: 80KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 184KB

.data
Size: 77KB - Virtual size: 80KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB