d3c9b3651b0775aa03ca0b19cd24e586_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3c9b3651b0775aa03ca0b19cd24e586_JaffaCakes118
Size

270KB
MD5

d3c9b3651b0775aa03ca0b19cd24e586
SHA1

995de7174ea724b9d34ac6a6dc21ea3db3805147
SHA256

60c6f0763521ea660a426ba9cb07edbc6ed0d5e625ac79fc46e80010a1a4ab3a
SHA512

703f56df323bb653d3cc48604dfeb9c0b175117f7a38340e99da4033140aec0019523b26f8505574e85ee72175bef9df388782ebf277ff14ac325c9b55b52d17
SSDEEP

3072:GFxxUmv/WymILRoCca5iKuGuuoAUgIK/JfrTTr8ohUqq6AX+c1iq/NmDStnqyu+/:ClvOxU4KuwAaxtq6AX+ch/iStqdEd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3c9b3651b0775aa03ca0b19cd24e586_JaffaCakes118

Files

d3c9b3651b0775aa03ca0b19cd24e586_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ec9bd0e20d22984e95313abd005361d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
TlsSetValue
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
TlsFree
TlsAlloc
TlsGetValue
GetLastError
DeleteFileA
CloseHandle
CreateFileA
SetEndOfFile
SetFilePointer
GetProcessHeap
RtlUnwind
GetLocalTime
RaiseException
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
ReadFile

Exports

Exports

?CheckHeapValid@@YGHPAX@Z
?ReAllocMem@@YGPAXPAX0KHHPBDK@Z
AllocMem
CreateInstance
DestroyInstance
FreeMem
GetFullStatistics

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec9bd0e20d22984e95313abd005361d1

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 181KB - Virtual size: 188KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 181KB - Virtual size: 188KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 7KB - Virtual size: 6KB