df30fac64d5421473946f4f3007724cd_JaffaCakes118

General

Target

df30fac64d5421473946f4f3007724cd_JaffaCakes118
Size

412KB
MD5

df30fac64d5421473946f4f3007724cd
SHA1

268656b28a2f3695830909c8eb798344732a68ab
SHA256

b392ed35e9b1c4a299389c6a81a5c567bd372170def76d0ebff31f2ef49ce572
SHA512

a77d03d111e6da1b7b6c18ba9c337987cdafb2602c43d439fc5b8eb83798b627b400e8fb7daeb049406744c3df362fa81362157e38614e023c3332913a5dd5a1
SSDEEP

6144:+bfZnnxWyoFW1dGdStqRxtZgbK1r90VcKpwyDgNZqEZS:MNxWy2xSqJgbKbjKpwyDOS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df30fac64d5421473946f4f3007724cd_JaffaCakes118

Files

df30fac64d5421473946f4f3007724cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

da9fad7655ec36ea19d43d5a4c6b037c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
FormatMessageA
GetStringTypeA
ExitProcess
FreeLibrary
GetLocalTime
lstrlenW
GetFullPathNameA
FreeResource
HeapDestroy
GetThreadLocale
GetDateFormatA
MulDiv
ExitThread
SizeofResource
GlobalAlloc
VirtualQuery
GetProcessHeap
lstrcmpA
WaitForSingleObject
EnumCalendarInfoA
GetModuleHandleA
GetCPInfo
GetCurrentProcess
lstrcpynA
GetCurrentThread
GetProcAddress
IsBadReadPtr
LoadResource
DeleteFileA
CreateEventA
GetStdHandle
GetCommandLineW
GetCommandLineA
IsBadHugeReadPtr
lstrlenA
VirtualAlloc
SetErrorMode
GetFileAttributesA
VirtualFree
EnterCriticalSection
LoadLibraryExA
RaiseException
MoveFileA
GetModuleHandleW
FindResourceA
GetLocaleInfoA
GetFileType
GlobalDeleteAtom
GetTickCount
GetOEMCP
SetEndOfFile
GetVersion
SetLastError

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da9fad7655ec36ea19d43d5a4c6b037c

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 144KB - Virtual size: 140KB

.data Size: 4KB - Virtual size: 1KB

BSS Size: 4KB - Virtual size: 524B

.adata Size: 172KB - Virtual size: 170KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 144KB - Virtual size: 140KB

.data
Size: 4KB - Virtual size: 1KB

BSS
Size: 4KB - Virtual size: 524B

.adata
Size: 172KB - Virtual size: 170KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 1KB