d2d93f50ee98a2dfc0378088c2dfa6ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2d93f50ee98a2dfc0378088c2dfa6ce_JaffaCakes118
Size

72KB
MD5

d2d93f50ee98a2dfc0378088c2dfa6ce
SHA1

5e79bf3aa74a4358853ef7a06f095639774261a6
SHA256

a40360fbe08796496d0d877eb4ec4c3d2a9294063f8ca4845898155560d6f837
SHA512

a2a0443738540101b982a6f173ccf110c763c8e0c3fed0bbab9bbe25becbf565527248b33ac098ee9fdd85ef294fef1d661a3bb0ba9cba5c1ce27ff75722b391
SSDEEP

768:1vuYR51MqLJxcKxmTD4KzC4qK4lnua+/MXMdxaoUb9mApfk0Ndv77OuHyGTb:pvlNxcKgsSCvK0nuVIv1k0zHyG3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2d93f50ee98a2dfc0378088c2dfa6ce_JaffaCakes118

Files

d2d93f50ee98a2dfc0378088c2dfa6ce_JaffaCakes118
.dll windows:4 windows x86 arch:x86

510aee17469834f16b7ff01946464364

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

pdb.pdb

Imports

kernel32

SetHandleCount
GetVersionExA
TlsAlloc
UnhandledExceptionFilter
GetDiskFreeSpaceA
WriteFile
EnterCriticalSection
GetStartupInfoA
GetLastError
CreateMutexW
GetFileSize
DeleteFileA
OpenFileMappingW
SetFilePointer
ReleaseMutex
GetFullPathNameA
HeapDestroy
GetProcAddress
Sleep
GetCPInfo
GetEnvironmentStringsW
LocalAlloc
SetUnhandledExceptionFilter
HeapCreate
IsDBCSLeadByte
GetStringTypeW
LCMapStringA
lstrlenA
FreeEnvironmentStringsA
GetStringTypeExA
GetSystemTimeAsFileTime
GetStringTypeA
VirtualProtect
VirtualQuery
MapViewOfFile
CreateThread
SetLastError
CreateFileA
DeleteFileW
VirtualFree
GetOEMCP
lstrlenW
SetEndOfFile
InterlockedDecrement
LoadLibraryA
GetFileType
GetLocaleInfoA
CreateEventA
HeapFree
UnmapViewOfFile
WaitForSingleObject
MultiByteToWideChar
GetEnvironmentVariableA
FreeLibrary
FlushViewOfFile
LocalFree
SetFileTime
FreeEnvironmentStringsW
MoveFileW
CreateMutexA
CloseHandle
GetSystemInfo
GetCurrentThreadId
GetEnvironmentStrings
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetACP
GetDiskFreeSpaceW
WideCharToMultiByte
CreateFileMappingA
QueryPerformanceCounter
SetEvent
TlsGetValue
DeleteCriticalSection
TlsFree
GetCurrentProcess
lstrcmpA
IsBadReadPtr
TerminateProcess
GetCurrentProcessId
MoveFileA
GetFullPathNameW
OpenFileMappingA
GetTickCount
VirtualAlloc
CompareFileTime
CreateFileMappingW
lstrcmpiA
GetStdHandle
InterlockedIncrement
InterlockedExchange
LeaveCriticalSection
CreateFileW
HeapAlloc
InitializeCriticalSection
DisableThreadLibraryCalls
MoveFileWithProgressA

Exports

Exports

csdujzkvy

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

510aee17469834f16b7ff01946464364

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 552B

.text
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 552B