670ec36661029cbf63d43c3f45a3f4ec_JaffaCakes118

General

Target

670ec36661029cbf63d43c3f45a3f4ec_JaffaCakes118
Size

80KB
MD5

670ec36661029cbf63d43c3f45a3f4ec
SHA1

1b2d93c5807886c8e2c2821586c54f3b3d997ad7
SHA256

07317955720e19d58f745dd0950d16fa1b601beedf3c8c8a7e806206a4a512f4
SHA512

60b7747f1ab192de0a8327dec73cb99b847d18c8ea3a91695adf6ffd377de9a0f743ae22e25db17db350d8fd32cf38557d160e34a943be9c551e258980759b6b
SSDEEP

1536:BLucUmxmLTkvn/rVR8CFAjrI4UGCT042cBHl/D5:BLuNYOALVRhk84pCV2cBB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
670ec36661029cbf63d43c3f45a3f4ec_JaffaCakes118

Files

670ec36661029cbf63d43c3f45a3f4ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

61f1c38e687391176a46533666404efe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
CreateFileMappingA
LocalFree
GetVolumeInformationA
GetCommandLineA
SetLastError
Sleep
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
ReleaseMutex
CopyFileA
HeapAlloc
VirtualProtect
GetProcAddress
MapViewOfFile
GlobalFlags
GlobalAlloc
SetFilePointer
GlobalGetAtomNameA
GetFileSizeEx
GetModuleHandleW
GetLogicalDriveStringsA
GetExitCodeProcess
CompareStringW
WriteProcessMemory
FindCloseChangeNotification
OpenMutexW
CreateProcessW
SetEnvironmentVariableW
SearchPathW
FormatMessageW
GetModuleFileNameW
GetSystemWow64DirectoryW
SetNamedPipeHandleState
GetLocaleInfoA
SetFileTime
RemoveDirectoryA
MoveFileA
GetStdHandle
SetSystemTime
FindFirstChangeNotificationW
VerifyVersionInfoW
QueueUserAPC
FindResourceW
ExpandEnvironmentStringsA
GlobalAddAtomA
CreateFileW
SetCommMask
lstrcpynW
SetConsoleActiveScreenBuffer
ChangeTimerQueueTimer
HeapCreate

Exports

Exports

SmartMainCtrl

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61f1c38e687391176a46533666404efe

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB