d6470ece77a4e6577fbacd3e46f1aed7_JaffaCakes118

General

Target

d6470ece77a4e6577fbacd3e46f1aed7_JaffaCakes118
Size

87KB
MD5

d6470ece77a4e6577fbacd3e46f1aed7
SHA1

6de28f030037aac3ca3efb9a9a9d54a0a9a64472
SHA256

f275a400d4fb4753221a2056e2e0000d8e46813b9e19645c2379d265f31dfaaf
SHA512

96c38eb6981cc141ed8c6c1ce3c20366b3f1f0ff8d9d9374155d68d0dd6ad9fa366f7cce567a0f588d66d0c16846a121fc00766d9acf2e7991dfef3f795eaa73
SSDEEP

1536:wzlF3rt/iHVT3vepgejQMaQn2AMDA1JwrAEtXvX3ihJqeeibDKO:wzlFVqVTepgUzeAjU9XvHiHqHwK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6470ece77a4e6577fbacd3e46f1aed7_JaffaCakes118

Files

d6470ece77a4e6577fbacd3e46f1aed7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

efc4eecc92970e55aa3d66789422cc02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
FindNextFileA
lstrcatA
lstrlenA
lstrcpyA
lstrcmpA
GetLastError
FindFirstFileA
GetModuleFileNameA
GetStartupInfoA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
FindClose
SetHandleCount
GetFileType
GetStdHandle
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapFree
HeapAlloc
VirtualAlloc

ltfil13n

ord105
ord100
ord185

ltkrn13n

ord125

Exports

Exports

DllMain
L_BrowseDir

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efc4eecc92970e55aa3d66789422cc02

Headers

File Characteristics

Imports

kernel32

ltfil13n

ltkrn13n

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 5KB

.idata Size: 57KB - Virtual size: 57KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 5KB

.idata
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB