b9d6d71dc738d16c7244605d471daf4b_JaffaCakes118

General

Target

b9d6d71dc738d16c7244605d471daf4b_JaffaCakes118
Size

52KB
MD5

b9d6d71dc738d16c7244605d471daf4b
SHA1

ae812b6a2370d48d7f7cbf86e9c31d7cd709f7ec
SHA256

3d817ec42e15c2b395048b852add3f6e2f4dd0f6df475ff38cee4083368d90d5
SHA512

71ee80c502d9dc6fdfe8eb31188aa0f0c362770e03ff2ad69055961a01eafb817de10c4c99379c9a379435b0ce868dd6fdb4bc42f7a06133ff6a7a36b7561fb5
SSDEEP

768:sE4C3ovdZMZTd+ESgGLD3A0xp8pM4gZj74znZyhHzXo9r8koF:x4plM5rwLD3h+pMh974znI1boSlF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9d6d71dc738d16c7244605d471daf4b_JaffaCakes118

Files

b9d6d71dc738d16c7244605d471daf4b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cf4c5d8f4ce455b2b601cf1c4121e840

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
lstrcmpiA
GetProcAddress
LoadLibraryA
VirtualFree
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateEventA
SetErrorMode
GetCommandLineA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
RtlUnwind

user32

GetForegroundWindow
GetSystemMetrics
wsprintfA

Exports

Exports

l_Abs
l_Advise
l_FreeMarshalStream
l_MarshalPtrInProc
l_ModuleGetClassObject
l_ModuleInit
l_ModuleRegisterClassObjects
l_Unadvise
l_UnmarshalPtr

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf4c5d8f4ce455b2b601cf1c4121e840

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 816B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 816B

.reloc
Size: 4KB - Virtual size: 1KB