b621ef6cbb73d27637e52bbc6cce3764_JaffaCakes118

General

Target

b621ef6cbb73d27637e52bbc6cce3764_JaffaCakes118
Size

195KB
MD5

b621ef6cbb73d27637e52bbc6cce3764
SHA1

9196d5b995bd6d550c9cfd998771e5ba4c6b2493
SHA256

f2ca0baf7157afb00a43e25c3ce0e7280cafaa2bebb1cda0ca7489e8127fb6f2
SHA512

8441446a786f1be4e11da0899b8ca17cab9cb8cc522d7add24ed1aaef5376920f262e52ecef39bfcf629917bd7cecc47938bd54b6ba04e680266b82d97f90c12
SSDEEP

3072:matylWb8CIe4P5lNQlQp8gPjE4hY6dZJ6FYMOaYQriBh95pcGd:macHe4PRQluY4hYbYMOHBh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b621ef6cbb73d27637e52bbc6cce3764_JaffaCakes118

Files

b621ef6cbb73d27637e52bbc6cce3764_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d16fccd3eb0c5f4640b85bea9deef37f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
lstrcpyA
GetACP
GetCPInfo
SetFilePointer
SetStdHandle
CloseHandle
FlushFileBuffers
GetLocaleInfoW
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetLocaleInfoA
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

ltkrn11n

ord163
ord161
ord196
ord221
ord190
ord191
ord188
ord179
ord192
ord189
ord174

Exports

Exports

DllMain
fltEnumDimensions
fltInfo
fltLoad
fltSave

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d16fccd3eb0c5f4640b85bea9deef37f

Headers

File Characteristics

Imports

kernel32

ltkrn11n

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 24KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 24KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 3KB - Virtual size: 3KB