4686442048138d75ef8aa61dd233c2b4_JaffaCakes118

General

Target

4686442048138d75ef8aa61dd233c2b4_JaffaCakes118
Size

191KB
MD5

4686442048138d75ef8aa61dd233c2b4
SHA1

fcafb37bf8ca96dc6af500d36fc2ebcf063d5f7f
SHA256

d0528ccca6143a39b92168b4d1523aa860087706ef4d1acdecdf39b1b83c8a15
SHA512

cb51d25eb929a0867aeada6ebd12265e89bab62012bd590870293e886d0b125e1528c84d53a91d342b7d7c806a2481c7ba7ab9f923d078ad70cc4d75430bb493
SSDEEP

3072:YLUrMStoEfM9373Fenddxka6gKhswlOH5Dg6MuQVxkxKc0s8aKvDp50gI:Y4lM9LV2r6gKhFlO3Qbk4cz8aKLp50

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4686442048138d75ef8aa61dd233c2b4_JaffaCakes118

Files

4686442048138d75ef8aa61dd233c2b4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1ae8ba91037d53f982c0cdcd8c79b03b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
CreateFileA
lstrcpyA
UnmapViewOfFile
FlushViewOfFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
CreateFileMappingA
GlobalFree
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcmpA
lstrcpynA
MapViewOfFile
CloseHandle
DisableThreadLibraryCalls
DeviceIoControl
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW

imagehlp

ImageRvaToVa
ImageNtHeader
ImageRvaToSection

Exports

Exports

CalcRealHeaderSize
DumpFix
DumpFix64
DumpFixer32
DumpFixer64
GetRealNumberOfSections
GetRealNumberOfSections64
ReBasePEImage
RebuildPE
RebuildResourceDirectoryFile32
RebuildResourceDirectoryMemory32
ResizeFile
ValidateDump32
ValidatePE
WipeReloc

Sections

.data
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ae8ba91037d53f982c0cdcd8c79b03b

Headers

File Characteristics

Imports

kernel32

imagehlp

Exports

Exports

Sections

.data Size: 186KB - Virtual size: 185KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.data
Size: 186KB - Virtual size: 185KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB