be2249f553ca568419ed6184a0f09f32_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

be2249f553ca568419ed6184a0f09f32_JaffaCakes118
Size

208KB
MD5

be2249f553ca568419ed6184a0f09f32
SHA1

43471f08a5d5464e834c4f1af349c08f4237e3f8
SHA256

d3fd4500af49a47c4fbda360351e6d970d29fc10921d7c18fb898bbf7f4766af
SHA512

75ef54e750de9216a5e5baa7c2ec40da5505d8fe2a3eecc3ac9ec15bcdd668e61130c8155ac688ca3ebd482f0388c5f67db9c140540c0f9779aff9e3cb1c3bc6
SSDEEP

6144:gNa09CI0e/C0f2UutCbLCGCFy6p5qqDLufPizLV4E:aa0Eje/C0f5uwCGCFy6p0qnufPz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be2249f553ca568419ed6184a0f09f32_JaffaCakes118

Files

be2249f553ca568419ed6184a0f09f32_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7f2933ec4e069f66cd507d2b01f38be0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEndOfFile
GetTickCount
WriteFile
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalAlloc
GlobalFree
SetFilePointer
VirtualAlloc
VirtualFree
CreateEventA
ResetEvent
WaitForSingleObject
GetCurrentProcessId
SleepEx
Sleep
GetExitCodeThread
SetEvent
CloseHandle
GetFileSize
DeleteFileA
ReleaseMutex
InterlockedDecrement
InterlockedCompareExchange
HeapDestroy
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetProcessHeap
GetOverlappedResult
DeviceIoControl
DisableThreadLibraryCalls
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
IsDebuggerPresent
InterlockedIncrement
GetCommandLineA
CreateFileA
VirtualProtect
RtlUnwind
GetVersionExA
VirtualQuery
ExitProcess
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapCreate
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemInfo

advapi32

RegDeleteKeyA
ReportEventA
RegCloseKey

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f2933ec4e069f66cd507d2b01f38be0

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 52KB - Virtual size: 94KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 52KB - Virtual size: 94KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB