df126e0e03b462892c3c9e8230b22c89_JaffaCakes118

General

Target

df126e0e03b462892c3c9e8230b22c89_JaffaCakes118
Size

52KB
MD5

df126e0e03b462892c3c9e8230b22c89
SHA1

c197c5a0140f3fefc6e586cf66b1d0f6e5284e17
SHA256

13cdb04c7482346e59dbffde945709d90a5cf0d32907f85f30f25f8770569fbb
SHA512

5389e8f7830dd43f163f90f73bb6d45fa7e9d8845dd60a4cbacebea02bdb74971669ba3e61f760d93e2536cd07dfb6da0ebaa72455cdd80802e2f85cb4abad58
SSDEEP

768:Qrjs50/YZE8+6Qz/0Nln7IbtfBOtNQywaZXo98U0Lu:QrjsO/W+5un7IbtfkjXhdoJ0Lu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df126e0e03b462892c3c9e8230b22c89_JaffaCakes118

Files

df126e0e03b462892c3c9e8230b22c89_JaffaCakes118
.dll windows:4 windows x86 arch:x86

27b1fd826dc04fc119ed6db3fd94a470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualFree
GetSystemInfo
GetSystemTimeAsFileTime
SetErrorMode
GetProcAddress
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
lstrcmpiA
GetCommandLineA
VirtualAlloc
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
RtlUnwind

user32

GetForegroundWindow
GetSystemMetrics

advapi32

RegCloseKey
RegOpenKeyExW

Exports

Exports

DeleteExtractedFiles
DllGetVersion
Extract
FCIAddFile
FCICreate
FCIDestroy
FCIFlushFolder
GetDllVersion
baReadCfg
slModuleInit
slModuleRegisterClassObjects

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27b1fd826dc04fc119ed6db3fd94a470

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB