d5b78104b1312a53f296752c38b23488_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5b78104b1312a53f296752c38b23488_JaffaCakes118
Size

212KB
MD5

d5b78104b1312a53f296752c38b23488
SHA1

8c2f2363771ade65da7e2468028c28718d55392d
SHA256

0ba6c980cf0d398613beb752068d9ed69928809194d6237e0d1c9a0ca3f419ba
SHA512

32694b417f100853ec3ab18907f68ef2c7ba7c4ee180db5d0022f0be47da42260bc81eb020aeea48b3e01a37abe5da8873fb6648c591bc91eb7d5640373d3af3
SSDEEP

3072:nURrqOnaghZavzT0s2rRsamQN6ahC1bBz7zU/WZAn53mkZ8f7QJ4g:6+Ot0T0s/76C1bxsUAnLZe73g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5b78104b1312a53f296752c38b23488_JaffaCakes118

Files

d5b78104b1312a53f296752c38b23488_JaffaCakes118
.dll windows:4 windows x86 arch:x86

536353bdf1a9ec78290935879cf939e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
lstrcpyA
GetProcAddress
SetErrorMode
GetModuleFileNameA
FreeLibrary
DeleteFileA
lstrlenA
GetTempFileNameA
GetTempPathA
GetFileType
SetHandleCount
CloseHandle
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
VirtualAlloc
HeapAlloc
HeapFree
SetFilePointer
GetLastError
WriteFile
GetCommandLineA
GetModuleHandleA
GetVersion
ExitProcess
LoadLibraryA
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
GetEnvironmentStringsW
WideCharToMultiByte
GetStdHandle
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW

ltkrn13n

ord274
ord271
ord285
ord272
ord134
ord163
ord192
ord189
ord188
ord190
ord273
ord194
ord191
ord282
ord283

Exports

Exports

DllMain
fltInfo
fltLoad
fltSave

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

536353bdf1a9ec78290935879cf939e7

Headers

File Characteristics

Imports

kernel32

ltkrn13n

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 10KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text Size: 166KB - Virtual size: 168KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 10KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 166KB - Virtual size: 168KB