b4f45a071372e34f6775d03ffc886633_JaffaCakes118

General

Target

b4f45a071372e34f6775d03ffc886633_JaffaCakes118
Size

76KB
MD5

b4f45a071372e34f6775d03ffc886633
SHA1

2cb34f6b83faee8efe60b32a3e4d627b264f7918
SHA256

ad20c3ecad7d239e76feb955615f437137d7cdea2bc9985415c1b92b77d6a4a7
SHA512

fe2e984e1b048edd1bff3979f14dc36af58316b3681e93ef50b179e7458d777ac615a531bf0d24232e26ecc9bb8bd4188d344f2f47ba2941583bc85cd52c97ab
SSDEEP

768:4PBMIlX2zTfO3ncVunTIjIz5cT+r6RUT/6H4Lgs+yiB9i3IPs5783i/oPeEU:45M82zuncVUcszqT+rY6/QPYysCCoP3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4f45a071372e34f6775d03ffc886633_JaffaCakes118

Files

b4f45a071372e34f6775d03ffc886633_JaffaCakes118
.dll windows:4 windows x86 arch:x86

811ed0ca0b1be6fdfd4340e280965467

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetCommandLineA
GetVersion
RaiseException
HeapFree
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
FlushFileBuffers
CloseHandle

Exports

Exports

getModuleProperties
makeModule

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

811ed0ca0b1be6fdfd4340e280965467

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 10KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 10KB

.reloc
Size: 8KB - Virtual size: 4KB