4d028c7a47c1b0d00e894ad351a61996_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d028c7a47c1b0d00e894ad351a61996_JaffaCakes118
Size

59KB
MD5

4d028c7a47c1b0d00e894ad351a61996
SHA1

7f0b2e63cba17355013a447a33518162b0ba6611
SHA256

91639aaaad34ed34a5a44e82541bfad16b4c63f0705ea6ce4cb004b10660d211
SHA512

8992c910168e3d34e15d8abb6b699e560b6b979d707fcde3356342855237f3019d84e873520d976fc13ab6c82ed14025e7c30d67d9c866a4dbd1b46002b6c571
SSDEEP

768:gld90RxzAU3KfRGS6LceHTfXEchY0l+bEHwQYf50tyHuCFBX/kD9r93S7mzZawTr:glzAAUPTPhYTbkC0tyHuCzSxYwTXHtce

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d028c7a47c1b0d00e894ad351a61996_JaffaCakes118

Files

4d028c7a47c1b0d00e894ad351a61996_JaffaCakes118
.dll windows:5 windows x64 arch:x64

fb84e384d95a4cae125e8501af00a114

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
ReadFile
Sleep
GetLastError
MapViewOfFile
CreateFileMappingA
GetFileSizeEx
SetLastError
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapReAlloc
RtlUnwindEx
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
FlsGetValue
FlsFree
FlsAlloc
ExitProcess
DecodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
HeapSize
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleW
CreateFileW
FlushFileBuffers
GetCurrentProcessId
CreateFileA
SetFilePointer
WriteFile
UnmapViewOfFile
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
HeapAlloc
FreeLibrary
HeapFree
IsBadReadPtr
GetModuleHandleA
GetProcAddress
OutputDebugStringA
GetModuleHandleW
GetModuleFileNameA

Exports

Exports

Install
Test

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb84e384d95a4cae125e8501af00a114

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 5KB - Virtual size: 14KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 696B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 14KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 696B

.reloc
Size: 1KB - Virtual size: 1KB