86ea5dca3000c060b3163a5d2cb84647_JaffaCakes118

General

Target

86ea5dca3000c060b3163a5d2cb84647_JaffaCakes118
Size

48KB
MD5

86ea5dca3000c060b3163a5d2cb84647
SHA1

e80c2122f29c72823916a28e916e32c09b975161
SHA256

8be24b68917452f94dd55fc918f1d5e6a7632e8387f8d5f3f85fa0d8dcaf6f93
SHA512

7b7187a8bde377d84787bcc72430a352967117f936e6e4b5cd150e915c3c6d6426577a4b66b671823184da194c31e07a7af51c6db47694df1d1a7dfbf5b69eca
SSDEEP

768:TzEogajVYrYj1ER3TGAEZtkUz8AHpeoNiVyMczXo905NbCSq:3EejV0s1EZTWkUz8GpeoNF7boEN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86ea5dca3000c060b3163a5d2cb84647_JaffaCakes118

Files

86ea5dca3000c060b3163a5d2cb84647_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6cd9a0e4afd6b0e54f21ad2712e03417

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateEventA
SetErrorMode
GetCommandLineA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
RtlUnwind

user32

GetForegroundWindow
GetSystemMetrics
wsprintfA

Exports

Exports

OtlAdvise
OtlFreeMarshalStream
OtlMarshalPtrInProc
OtlModuleGetClassObject
OtlModuleInit
OtlModuleRegisterClassObjects
OtlUnadvise
OtlUnmarshalPtr
chk

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cd9a0e4afd6b0e54f21ad2712e03417

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 1KB