c955be9bc4e1c500d36a254ffea8daa5_JaffaCakes118

General

Target

c955be9bc4e1c500d36a254ffea8daa5_JaffaCakes118
Size

148KB
MD5

c955be9bc4e1c500d36a254ffea8daa5
SHA1

58e373d1e380e2725158a39d478250f8619e49d9
SHA256

822828d8a3b340dac604e367f2b3d40c33fe241a6eac80c2b1165e7a30e281dc
SHA512

f9fb7c34123f01434f7ca097f57035b951bb62f0e97df684e76c1ba8bfd6faa1120bd04f00616c558d151b7d1a0821bedfe96e0835d272fbebf990368317e8c9
SSDEEP

1536:nPMiYexh72gjBC3cbPQ22HxpVEny0vLBqpJ3GN+8Z1MCrhS3ubnH1tTSM8t8JLfr:n9XIs7XLIu+8Z1Mz8mM8+Ffny3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c955be9bc4e1c500d36a254ffea8daa5_JaffaCakes118

Files

c955be9bc4e1c500d36a254ffea8daa5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c6d6ef28c1942342a9dd2893d75ae5f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
GetProcAddress
FindClose
GetLastError
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
DebugBreak
lstrlenA
CompareStringA
InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
SetLastError

ole32

CoCreateInstance

oleaut32

VariantCopy
SysFreeString
SysAllocString
VariantClear
VariantChangeType

msvcrt

_adjust_fdiv
malloc
_initterm
??2@YAPAXI@Z
_vsnwprintf
swprintf
__CxxFrameHandler
_wmakepath
_wsplitpath
wcsrchr
wcstoul
_purecall
wcscmp
wcslen
wcscpy
_wcsicmp
memmove
iswdigit
_wtoi
free

Exports

Exports

DE_CloseTMInfoProject
DE_CreateTMInfo
DE_FindFirstTMInfo
DE_FindNextTMInfo
DE_GetTMInfoPath
DE_InitTMInfo
DE_OpenTMInfoProject
DE_UninitTMInfo

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6d6ef28c1942342a9dd2893d75ae5f4

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 4KB - Virtual size: 3KB