bb628b38cb50825fb2091a3e7c57e78c_JaffaCakes118

General

Target

bb628b38cb50825fb2091a3e7c57e78c_JaffaCakes118
Size

184KB
MD5

bb628b38cb50825fb2091a3e7c57e78c
SHA1

17b9e60bab9ab5b9536f4a6ed933689745bca20d
SHA256

50e49622b892d9488fb6f735518e60c0719ea49326629fdb28dd29cfcca79fda
SHA512

5235d3c77083edf4f0b8e0952390f2ec68bc4a95509f5fba9d8d4e3ce86d91f35ef9ec73af6bbd5a5ca5fea55519c9424aa93a46bc92ae2add88a0cbd93fdccf
SSDEEP

3072:hwFb26SPsN015u/7ZI/l1pbXKPjuvEoiQfvOed+gU3DyIA:hwtQsNRTZYDG2yQfvOM+gU32IA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb628b38cb50825fb2091a3e7c57e78c_JaffaCakes118

Files

bb628b38cb50825fb2091a3e7c57e78c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

31b866425e419877fd0834336a753761

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ReadFile
CreateFileW
DisableThreadLibraryCalls
GetModuleFileNameW
lstrcpynA
GlobalAlloc
GetModuleFileNameA
VirtualAlloc
VirtualFree
GlobalFree
GlobalUnlock
GlobalLock
lstrcatW
Sleep
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
OpenFile
lstrlenW
GetProcessHeap
_lclose
_lread
LoadLibraryExW
GetProcAddress
FreeLibrary
WriteFile
DeleteFileW
GetCommandLineA
ResumeThread
VirtualProtect
HeapAlloc
HeapFree
RtlUnwind
GetVersion
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapReAlloc
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31b866425e419877fd0834336a753761

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 44KB - Virtual size: 78KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 44KB - Virtual size: 78KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 4KB - Virtual size: 2KB