b45e3c361dd2b6b4610225401b701255_JaffaCakes118

General

Target

b45e3c361dd2b6b4610225401b701255_JaffaCakes118
Size

58KB
MD5

b45e3c361dd2b6b4610225401b701255
SHA1

78a5d9dd84d69ca02019cbd5fe2530d2211770d1
SHA256

caf337738c396af5c8df355cea4acba250b14b33e5dfc724e40b1a5182a1bc92
SHA512

e7b1b2b088d9c945295e2e548d362ae8cb39d6372b605a93df1a6d385f380fb5f20bc7c9353f79f2d44743b2324124905a13d67eaf6bb0934e47f8e05203ffba
SSDEEP

768:OsJJBsFyMUUHgGGwyj62xuKkYY6ZZaF5/XqQXU2FgSwxPtuEjUxZwP64KOAmU:7fBoTUUHAWKVCCQXU4gSwx1UqP6x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b45e3c361dd2b6b4610225401b701255_JaffaCakes118

Files

b45e3c361dd2b6b4610225401b701255_JaffaCakes118
.dll windows:4 windows x86 arch:x86

88541e198c56f5cfd6c8ed512f75551e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetComputerNameW
ResetEvent
CreateEventA
CreateFileW
WideCharToMultiByte
CreateFileA
SetNamedPipeHandleState
CreateThread
MultiByteToWideChar
CloseHandle
Sleep
InterlockedIncrement
GetProcAddress
FreeLibrary
ExitThread
SetEvent
GetLastError
ReadFile
WaitForSingleObject
PeekNamedPipe
WriteFile
TransactNamedPipe
GetOverlappedResult
WaitForSingleObjectEx
GetCommandLineA
VirtualProtect
VirtualFree
LoadLibraryA
VirtualAlloc

advapi32

RegCloseKey
RegQueryValueExA
ReportEventA
RegOpenKeyExA

msvcr71

_except_handler3
memmove
_initterm
sprintf
getenv
_wcsicmp
swprintf
_wgetenv
wcstombs
wcslen
wcscpy
free
malloc
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 890B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88541e198c56f5cfd6c8ed512f75551e

Headers

File Characteristics

Imports

kernel32

advapi32

msvcr71

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 36KB - Virtual size: 69KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 890B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 36KB - Virtual size: 69KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 890B