608f3ea9095889796216961d6296e103_JaffaCakes118

General

Target

608f3ea9095889796216961d6296e103_JaffaCakes118
Size

72KB
MD5

608f3ea9095889796216961d6296e103
SHA1

2a416c4925e851f084ace0e1894bd9b11c318bf4
SHA256

272ac051360e3b7bca41a0a4c749494d13a48ef9f24e94e12c7729dfac96699b
SHA512

e17b57ec473c12d174dd43144d94b7b13782ddafe6b6eab9ecb003d242e6dfe0fb5e081f840f074684bda8f940dca6f393cf63f7e087344b1c500767c364f673
SSDEEP

1536:Sjjl3nwzSuOqBubw/WgT6zMKAOK2lCWcQajhRuP:C5UOq0ukgOK2l7aFQP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
608f3ea9095889796216961d6296e103_JaffaCakes118

Files

608f3ea9095889796216961d6296e103_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7ce9785937e9eef84df985d77d325000

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
CloseHandle
ReadFile
GetFileSize
CreateFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CopyFileA
WriteFile
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind

Exports

Exports

Csn_SplitSgnFile
Csn_VerifySgnFile

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ce9785937e9eef84df985d77d325000

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 968B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 4KB - Virtual size: 3KB