b4437585d505bbbe529414adb60305d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4437585d505bbbe529414adb60305d9_JaffaCakes118
Size

21KB
MD5

b4437585d505bbbe529414adb60305d9
SHA1

259413b8b5de476ca1dddd5fce1eb0493e4b07c7
SHA256

9a2bb44748344471258c1b44e0e0f932a5ac7a8c62d829b7b6a7ae3fb4d3f4af
SHA512

685c9ffcab0e10bf92cb21b503a61a11d0c7d386767516025c7746e48f34701a42e69186a9e39b3c4610543fed81ed432d12656ed808b4fd830ac62c5e52fabb
SSDEEP

384:+elfzaJxXOmFpikgs9XbOeYSqePz6YYjf5lg3WzEmo:+IWxd7f9GHhYYT5K3Wza

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4437585d505bbbe529414adb60305d9_JaffaCakes118

Files

b4437585d505bbbe529414adb60305d9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5d065c4fef5e2953b3805f31a0a08ee8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cmdial32

AutoDialFunc

adsnt

DllGetClassObject

kernel32

InterlockedDecrement
VirtualFree
GetStringTypeA
LoadLibraryA
FindResourceA
GetCPInfo
GetEnvironmentStrings
HeapDestroy
FreeLibrary
lstrcatA
GetLastError
TlsGetValue
SetConsoleCtrlHandler
EnterCriticalSection
LoadLibraryExA
GetModuleFileNameA
DisableThreadLibraryCalls
GetCurrentThreadId
GetACP
HeapReAlloc
UnhandledExceptionFilter
lstrcmpiA
LCMapStringA
IsDBCSLeadByte
TlsFree
FreeEnvironmentStringsA
SetLastError
GetShortPathNameA
GetStdHandle
HeapAlloc
TlsAlloc
ExitProcess
GetCommandLineA
VirtualAlloc
WideCharToMultiByte
FatalAppExitA
SetUnhandledExceptionFilter
IsBadReadPtr
HeapFree
GetVersion
GetFileType
LeaveCriticalSection
WriteFile
FreeEnvironmentStringsW
GetStringTypeW
HeapCreate
lstrlenA
InterlockedIncrement
InitializeCriticalSection
lstrcpynA
IsBadCodePtr
GetProcAddress
GetStartupInfoA
GetCurrentThread
GetCurrentProcess
TerminateProcess
GetEnvironmentStringsW
GetOEMCP
MultiByteToWideChar
SizeofResource
GetModuleHandleA
DeleteCriticalSection
TlsSetValue
LoadResource
lstrcpyA
RtlUnwind
IsBadWritePtr
SetHandleCount
LCMapStringW
lstrlenW

dataclen

DllGetClassObject

Sections

.text
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d065c4fef5e2953b3805f31a0a08ee8

Headers

DLL Characteristics

File Characteristics

Imports

cmdial32

adsnt

kernel32

dataclen

Sections

.text Size: 512B - Virtual size: 416B

.rsrc Size: 12KB - Virtual size: 11KB

.idata Size: 2KB - Virtual size: 2KB

.data Size: - Virtual size: 80KB

.rdata Size: 5KB - Virtual size: 4KB

.text
Size: 512B - Virtual size: 416B

.rsrc
Size: 12KB - Virtual size: 11KB

.idata
Size: 2KB - Virtual size: 2KB

.data
Size: - Virtual size: 80KB

.rdata
Size: 5KB - Virtual size: 4KB