689cee7c04148c038ba2c2b3a564a2a4_JaffaCakes118

General

Target

689cee7c04148c038ba2c2b3a564a2a4_JaffaCakes118
Size

124KB
MD5

689cee7c04148c038ba2c2b3a564a2a4
SHA1

c15b6b71535ef29e159b6edba5fa23776fffe0f8
SHA256

3976528f374ef6d71f6d9cb254bc065ded9d27dfac8dbf5e95d88e2a09b97388
SHA512

89063e00a9cbc5564193c24e4f84eeed666f78c696c3d602529fdb05cec81a0ce03d6670782cbbdd4a6e348c0523794917a0dffdf34f0dd3ed9ff88a46bba160
SSDEEP

1536:2fPXV4bzzfHayhFlg8Jy0y1NVlokdC+QqUmwpf/GyVmFM/HPm2tTI:2fPl+B9WNVl7C+QTRTmFS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
689cee7c04148c038ba2c2b3a564a2a4_JaffaCakes118

Files

689cee7c04148c038ba2c2b3a564a2a4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

326a79fa632087ad98fe75d893069e96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ReadProcessMemory
OpenProcess
HeapAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
SetFilePointer
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetLocaleInfoA
GetCPInfo
VirtualProtect
GetSystemInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FlushFileBuffers

Exports

Exports

a

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

326a79fa632087ad98fe75d893069e96

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 72KB - Virtual size: 87KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 72KB - Virtual size: 87KB

.reloc
Size: 8KB - Virtual size: 4KB