74973fbbb24c5011795772409743dccf_JaffaCakes118

General

Target

74973fbbb24c5011795772409743dccf_JaffaCakes118
Size

392KB
MD5

74973fbbb24c5011795772409743dccf
SHA1

45a85744154f64441066c50ff526416ad44d9856
SHA256

6bfc349bd6f35f20952a47934d3314a8639191dce9824aec20cbe268a36bacfe
SHA512

ab8288e3770d49aee5d9bc3ac083608aecfbfe061a4d13201597d914b5ad36ecef09840f3269beab27dc4de15a371e8e6727dcc25ddd8ff4f5eac2c620a919e8
SSDEEP

12288:h/VbxD35rX/Cw0xlMGnecbF95wI8374hIfKTp7RL3t:4aI83ArT/L9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74973fbbb24c5011795772409743dccf_JaffaCakes118

Files

74973fbbb24c5011795772409743dccf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f0de75d27527c1754c479dd72c7ec73c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
SizeofResource
LockResource
InitializeCriticalSection
HeapFree
VirtualAlloc
EnumResourceNamesA
TerminateProcess
UnhandledExceptionFilter
FreeResource
Sleep
EnterCriticalSection
SetUnhandledExceptionFilter
GetLastError
GetModuleHandleA
GetCurrentThreadId
SetLastError
LeaveCriticalSection
CloseHandle
HeapAlloc
GetTickCount
EndUpdateResourceA
WriteFile
LocalFree
InterlockedDecrement
InterlockedIncrement
EnumResourceTypesA
SetConsoleWindowInfo
MultiByteToWideChar
ExitProcess
QueryPerformanceCounter
LoadResource
LoadLibraryA
GetProcAddress
GetCurrentProcessId
WideCharToMultiByte
HeapSize
FreeLibrary
GetCurrentProcess
GetSystemTimeAsFileTime
FindResourceA
SetConsolePalette

shell32

IsLFNDrive
DragFinish
DuplicateIcon
SHDefExtractIconW

Sections

.textbss
Size: - Virtual size: 392KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0de75d27527c1754c479dd72c7ec73c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

Sections

.textbss Size: - Virtual size: 392KB

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 260KB - Virtual size: 260KB

.rsrc Size: 24KB - Virtual size: 23KB

.debug Size: 108KB - Virtual size: 108KB

.textbss
Size: - Virtual size: 392KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 260KB - Virtual size: 260KB

.rsrc
Size: 24KB - Virtual size: 23KB

.debug
Size: 108KB - Virtual size: 108KB