48c3eec8d5ee94b880bcdd84ab32ca83_JaffaCakes118

General

Target

48c3eec8d5ee94b880bcdd84ab32ca83_JaffaCakes118
Size

75KB
MD5

48c3eec8d5ee94b880bcdd84ab32ca83
SHA1

412298e2be2df10afcea1b3104ee47c345481f87
SHA256

4facb12e7ecda3f7782e6a54e040befa44297fbdd232de969e21cbdcdc3427cf
SHA512

4a6a23b86aecbd2a19969bb454f59c273e8a8e3b809b9ffe6d69df66de2d439e28e4a79e45d0f124023b779a30e897ea58a031465f95d1d042d4ff1c5402af6e
SSDEEP

1536:3GpndOQeHi6dyNrdsOLBg5oGsGKbLFqM72D+gwT/W/GYtSlilF:EdOQenerKVSLFP6D+gqwdh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48c3eec8d5ee94b880bcdd84ab32ca83_JaffaCakes118

Files

48c3eec8d5ee94b880bcdd84ab32ca83_JaffaCakes118
.dll windows:1 windows x86 arch:x86

6e01d1224362b24965987aedc1327763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersionExA
EnterCriticalSection
ExitProcess
CloseHandle
GetACP
GetCPInfo
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
CreateFileA
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetFileAttributesA
FreeEnvironmentStringsA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LocalAlloc
LocalFree
MultiByteToWideChar
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
GetVersion

user32

MessageBoxA
EnumThreadWindows

Sections

CODE
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TLS
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e01d1224362b24965987aedc1327763

Headers

File Characteristics

Imports

kernel32

user32

Sections

CODE Size: 37KB - Virtual size: 40KB

DATA Size: 9KB - Virtual size: 24KB

TLS Size: 512B - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.rsrc Size: 22KB - Virtual size: 24KB

CODE
Size: 37KB - Virtual size: 40KB

DATA
Size: 9KB - Virtual size: 24KB

TLS
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 22KB - Virtual size: 24KB