46f32618ec037eddc93c211c2667b80e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

46f32618ec037eddc93c211c2667b80e_JaffaCakes118
Size

131KB
MD5

46f32618ec037eddc93c211c2667b80e
SHA1

53708be6a6a2796e7f93e268435072338ca8698e
SHA256

e15dd92035487b20ecf393eebc20cb50583df02890ecc200791fc94c4de77f38
SHA512

4c27d261bee682be67913e521a9ffa2133cfa107e94e31150a499859d7ee7a35a3e3d2093216a6b1734228c577a332823adb4e0d4d54ee5f8a721bd1fe6d0c75
SSDEEP

3072:DZW828VY4GgNpx6CfwUiYZ8tmYtxJSov8t9/5W:U8pZGgNXpfwUlZ88YPvi/5W

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46f32618ec037eddc93c211c2667b80e_JaffaCakes118

Files

46f32618ec037eddc93c211c2667b80e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess

user32

MessageBoxA

Exports

Exports

StartHook
StopHook

Sections

CODE
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.perplex
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 8KB - Virtual size: 12KB

DATA Size: 512B - Virtual size: 440B

BSS Size: - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 90B

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 4KB

.perplex Size: 117KB - Virtual size: 117KB

CODE
Size: 8KB - Virtual size: 12KB

DATA
Size: 512B - Virtual size: 440B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 90B

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 4KB

.perplex
Size: 117KB - Virtual size: 117KB