60dda2922b356ea2fc0a29598c202642_JaffaCakes118

General

Target

60dda2922b356ea2fc0a29598c202642_JaffaCakes118
Size

352KB
MD5

60dda2922b356ea2fc0a29598c202642
SHA1

414dfb2c001c62539d92f6d2c69e9d159c227434
SHA256

ec8fdcc3c354b265fd59bed39182801758ce2b21d8b3c23eddd8108f51b27618
SHA512

d27443f36bfa4cbf5d347b804b298fdd0f3ed59954a80d7aefbdc3bd34d8ac4a621ca603ae288e938088011bbae09976777e0048b9fdca40f41e0d5938aa1d2d
SSDEEP

3072:wzRot6vTuWORUO7p+/hjOgw2145e+BXZ5FscXgyUE7qLTFijueIvGXLg5TxijmfN:jVRh5vnV78TFiwGXLuEmGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60dda2922b356ea2fc0a29598c202642_JaffaCakes118

Files

60dda2922b356ea2fc0a29598c202642_JaffaCakes118
.dll windows:4 windows x86 arch:x86

261e0bcb9e7479676a1d1b45f6e3cd58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

carclw60

DISPLAY_READ_STRING
ACCEPT_READ_CONSOLE_INPUT
REALIA_EXEC_WAIT
ACCEPT_CHECK_CONSOLE_INPUT
DISPLAY_SCROLL_UP
GOL$COPYFILL
CARC__GetCurrentDate
DISPLAY_SCROLL_DOWN
GOL$V8
GOL$85
CARC__FreeFormatAccept
CARC__CloseFile
CARC__OpenFile
CARC__Inspect
GOL$58
GOL$S8
CARC__TransformByAlphabet
CARC__FreeFormatDisplay
CARC__ExitInstance
GOL$55
GOL$D5
GOL$R5
CARC__Table_AlphabeticASCII
CARC__ReadRecord
CARC__WriteRecord
CARC__GetCurrentTime
CARC__StartRecord
CARC__ReWriteRecord
CARC__DeleteRecord
CARC__SetKeySuppression
CARC__CancelDynamicInstance
CARC__GetDynamicCallAddress
CARC__StopRun
_CARC__LibraryMain@12
REALIA_EXEC_COMMAND
CARC__CallUnderflowError
GOL$59
CARC__EnterInstance
GOL$A8

kernel32

MoveFileA
DeleteFileA
CreateFileA
CloseHandle

Sections

.text
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RCLID_TE
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RCLEP_DA
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

261e0bcb9e7479676a1d1b45f6e3cd58

Headers

File Characteristics

Imports

carclw60

kernel32

Sections

.text Size: 304KB - Virtual size: 301KB

RCLID_TE Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 260B

RCLEP_DA Size: 4KB - Virtual size: 112B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 304KB - Virtual size: 301KB

RCLID_TE
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 260B

RCLEP_DA
Size: 4KB - Virtual size: 112B

.reloc
Size: 4KB - Virtual size: 1KB