4c1158d1cb39318c78b239acacad0766_JaffaCakes118

General

Target

4c1158d1cb39318c78b239acacad0766_JaffaCakes118
Size

23KB
MD5

4c1158d1cb39318c78b239acacad0766
SHA1

3f89d32cb88e5c82627252a34df4e08dd7a85b5b
SHA256

c778cdf7978467d00b12eb4e4629284ccfc25c88c1966a770ae39ddead59a0d8
SHA512

9c9a8f471b7b39fc8c9b91071947ac0b618207d5a18c123943a01ba3232b7b596479c82b40e47b12a4172bf0d69fd80e3bf7ae1c9da3bc0fcb68d173f198a75d
SSDEEP

384:bUdGbrrO1b31pQ8Sc+GmWt0/7uRRkVzW/bMTMR9CHomq:bxQlC8JsCYQzMiCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c1158d1cb39318c78b239acacad0766_JaffaCakes118

Files

4c1158d1cb39318c78b239acacad0766_JaffaCakes118
.dll windows:5 windows x86 arch:x86

020ec7ef5191b0525dc1a161bacc518e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetProcAddress
lstrcmpA
GetLogicalDrives
GetProcessHeap
GetSystemDirectoryA
lstrcatA
FindFirstFileA
GetLogicalDriveStringsA
GetTempFileNameA
LoadLibraryA
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
lstrcpyA
GetFileSize
SetFilePointer
HeapAlloc
GetTickCount
ReadFile
FindClose
DeviceIoControl
DeleteFileA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsDebuggerPresent

user32

EnumWindows
CopyIcon
FindWindowA
LoadCursorA
GetWindowThreadProcessId
wsprintfA

setupapi

SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiCreateDeviceInfoListExA
SetupDiCreateDeviceInfoA
SetupDiDestroyDeviceInfoList
SetupDiGetINFClassA

Exports

Exports

Exbcute
SMsg

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

020ec7ef5191b0525dc1a161bacc518e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

setupapi

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 1024B - Virtual size: 610B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 1024B - Virtual size: 610B