972ea750954dad81f112926f15c68893_JaffaCakes118

General

Target

972ea750954dad81f112926f15c68893_JaffaCakes118
Size

82KB
MD5

972ea750954dad81f112926f15c68893
SHA1

0b4c72aec2ae965b425e8d8a2ae754983e681b22
SHA256

15294d886bdca1c2a37724ad8289185439a6c286bc498ebbd6a0cec1f95eb2c1
SHA512

41addfcdc8404eb176437a511d0c8a2508a19dfd35bcd96b0f8e43906e0d90ec120fd840835a29d95fe75a7ed69cd6e083d9aa31402cf62928a7b782573d0e2f
SSDEEP

1536:COZEq++74Y1abGNtiMlZwLl6cEw3MdWOlYBiu0ucLRA0iorLE:7++McVsb13ROlHufce0i8E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
972ea750954dad81f112926f15c68893_JaffaCakes118

Files

972ea750954dad81f112926f15c68893_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4ba13f3f1a11f445ce1fb9d6c40b5168

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetModuleHandleA
GetVersion
WriteFile
WideCharToMultiByte
LoadLibraryA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetCPInfo
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
GetStartupInfoA
GetCurrentProcess
TerminateProcess
SetHandleCount
HeapFree
GlobalFree
GetCommandLineA
GetProcAddress
VirtualAlloc
HeapDestroy
HeapCreate
VirtualFree
ExitProcess

ltkrn12n

ord101
ord141
ord131
ord137
ord201
ord125
ord100
ord271
ord273
ord274
ord192
ord272
ord129
ord163
ord189
ord134
ord190
ord188
ord191

Exports

Exports

DllMain
fltDeletePage
fltInfo
fltLoad
fltSave

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ba13f3f1a11f445ce1fb9d6c40b5168

Headers

File Characteristics

Imports

kernel32

ltkrn12n

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 57KB - Virtual size: 57KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 844B