b652c85db17606796ecd4339b7e58be6_JaffaCakes118

General

Target

b652c85db17606796ecd4339b7e58be6_JaffaCakes118
Size

56KB
MD5

b652c85db17606796ecd4339b7e58be6
SHA1

e7c645ada41b7164a9a92acff270168926fd0589
SHA256

ba8aafd97267846b0adb8d74a794b44765d14205d38cacf7262897604461295e
SHA512

c67711dad609c4fb8fc4b9c53bdb57b1cc40c5046ee60bcc977213813d0d2e2180f07c7145930e8d14784522fc38e0a78de7839fedf50efb9036bb3f5998efd8
SSDEEP

768:PZPf3uIr0KUYH31l9GFBqueIDqT5vQKnf2q/NtVTFhn5o9tuKG2:hPf+fUlGGufqVHOkNtVTFjoy3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b652c85db17606796ecd4339b7e58be6_JaffaCakes118

Files

b652c85db17606796ecd4339b7e58be6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

18ad0ece12bc2a717c4cbbddad1ebb51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
lstrlenA
lstrcatA
GetTempPathA
LoadLibraryA
lstrcmpiA
GetProcAddress
VirtualFree
VirtualProtect
VirtualAlloc
CreateFileA
GetCommandLineA
GetStringTypeW
GetStringTypeA
GetVersion
HeapFree
GetLastError
CloseHandle
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
RtlUnwind

user32

wsprintfA

Exports

Exports

Ordinal1
Ordinal2
fOrdchk15311

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 29B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18ad0ece12bc2a717c4cbbddad1ebb51

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.tls Size: 4KB - Virtual size: 29B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.tls
Size: 4KB - Virtual size: 29B

.reloc
Size: 4KB - Virtual size: 1KB