c929e9569977db8064c55cd72fec651a_JaffaCakes118

General

Target

c929e9569977db8064c55cd72fec651a_JaffaCakes118
Size

80KB
MD5

c929e9569977db8064c55cd72fec651a
SHA1

3ae0ac3f743c86bd831a629535bba46603e17311
SHA256

00bf488f2a7ff5ae0b44ded1846c27795b0e2289ccf0819bc053ac80b1234a62
SHA512

0f8c26c4f3be44cfa7da6ef6707ac7ba30de30d31a80d22ac5d59f4665a208bf30c167eb5ce0a4459a55e7be88cc115dbf013832442414bd04c09725c738c990
SSDEEP

1536:K+w4eWny2APk2agr3BZAHk8HXxv9HfGoOE:K+wWymq7Yksx4oJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c929e9569977db8064c55cd72fec651a_JaffaCakes118

Files

c929e9569977db8064c55cd72fec651a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

e1783f036b35eb30c9bb88be6c594a0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DBnmpntw.pdb

Imports

kernel32

GetVersionExA
ExitThread
SetEvent
GetLastError
ReadFile
WaitForSingleObject
SetLastError
PeekNamedPipe
WriteFile
TransactNamedPipe
GetOverlappedResult
WaitForSingleObjectEx
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
CloseHandle
MultiByteToWideChar
CreateThread
SetNamedPipeHandleState
CreateFileA
WideCharToMultiByte
CreateFileW
CreateEventA
CancelIo
ResetEvent
GetComputerNameW
GetComputerNameA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

msvcrt

wcscpy
wcslen
wcstombs
_snwprintf
_wgetenv
_wcsicmp
_snprintf
getenv
_stricmp

Exports

Exports

ConnectionCheckForData
ConnectionClose
ConnectionError
ConnectionErrorW
ConnectionMode
ConnectionObjectSize
ConnectionOpen
ConnectionOpenW
ConnectionRead
ConnectionServerEnum
ConnectionServerEnumW
ConnectionStatus
ConnectionTransact
ConnectionVer
ConnectionWrite
ConnectionWriteOOB

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 534B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1783f036b35eb30c9bb88be6c594a0d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.data Size: 56KB - Virtual size: 52KB

.rsrc Size: 4KB - Virtual size: 1008B

.reloc Size: 4KB - Virtual size: 534B

.text
Size: 12KB - Virtual size: 8KB

.data
Size: 56KB - Virtual size: 52KB

.rsrc
Size: 4KB - Virtual size: 1008B

.reloc
Size: 4KB - Virtual size: 534B