6aad4e72fbf40322d3c1a34540154cfb_JaffaCakes118

General

Target

6aad4e72fbf40322d3c1a34540154cfb_JaffaCakes118
Size

147KB
MD5

6aad4e72fbf40322d3c1a34540154cfb
SHA1

8d10268f25f5dbea784ce5ca3af0d8bd43d8ff21
SHA256

7edca82e6b5d0300283410b69ee557461c45952e36b5e60f0fbb9bc71484e7c3
SHA512

6b820a61b6dc8461b718478443a6cadd8b1dcf04858c7280b2d38208e9adf7d6cc29f67001dfc168a9879b503d6d34d91f41b6b34bafd16242f4b70e186981be
SSDEEP

3072:OQE0MO+dMVTDGNprFOnNbDjq9GMwcAEeV8dJxivfY9gKUvmV5KbMRazQdF:OQE0GWVTUpopDj2KA99DUvqQpQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aad4e72fbf40322d3c1a34540154cfb_JaffaCakes118

Files

6aad4e72fbf40322d3c1a34540154cfb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6c678f4c1e9ae6fb0ee08600ed9d2f49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceA
FreeEnvironmentStringsW
GetACP
GetCommandLineA
GetEnvironmentStringsA
GetModuleHandleA
GetModuleHandleW
GetNumberFormatA
GetOEMCP
GetStartupInfoA
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
IsValidCodePage
LCMapStringW
MultiByteToWideChar
RtlUnwind
SetEndOfFile
SetEvent
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
lstrcmpA
lstrcpyA
lstrlenA

msvcrt

__p__commode
__set_app_type
exit
strpbrk
strspn
wcscat
__getmainargs

user32

AppendMenuA
CreateMenu
DialogBoxParamA
FindWindowExA
GetMenuItemCount
GetSystemMetrics
GetWindowPlacement
OpenClipboard
TrackPopupMenu

winmm

mmioDescend
mmioRenameA
mmioSendMessage
mmioSetBuffer
timeEndPeriod
waveOutGetNumDevs
mixerGetID

Exports

Exports

NxReportCooking
W32N_CancelPacketRead

Sections

.text
Size: 95KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c678f4c1e9ae6fb0ee08600ed9d2f49

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

winmm

Exports

Exports

Sections

.text Size: 95KB - Virtual size: 224KB

.data Size: 49KB - Virtual size: 52KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 95KB - Virtual size: 224KB

.data
Size: 49KB - Virtual size: 52KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB