a1c2b98cb70620f8bd8a805b0d6b86b0_JaffaCakes118

General

Target

a1c2b98cb70620f8bd8a805b0d6b86b0_JaffaCakes118
Size

222KB
MD5

a1c2b98cb70620f8bd8a805b0d6b86b0
SHA1

384f32a92287a161958d40c5f29f1e3915652f4e
SHA256

edd611e418c9fca33216f25c1bfe97b47036a03883b8d6ffc936c50c8e7c8b8e
SHA512

d4e29159d1651a7fc4127552f97f9d55683940e90dba91b54ba3565dccbd4c7afc7132bced916fa41e79714c718e439d7b154c50b45945584fc3e70621ceade3
SSDEEP

3072:IiEc0tWFifpZQ6zEhP6FabvtyMflRbPnSa6nDtV7Gp7gL25OM6Bw9/QASwuuh+pS:IiE7wwhZFabxXAnPSBgy5lqARF4TasL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1c2b98cb70620f8bd8a805b0d6b86b0_JaffaCakes118

Files

a1c2b98cb70620f8bd8a805b0d6b86b0_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

69d46ae242345f2735991a5da3ddfde1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
HeapAlloc
RtlUnwind
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69d46ae242345f2735991a5da3ddfde1

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 134KB - Virtual size: 137KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 134KB - Virtual size: 137KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 4KB