eb75da004455163d58cb0e95da446484_JaffaCakes118

General

Target

eb75da004455163d58cb0e95da446484_JaffaCakes118
Size

40KB
MD5

eb75da004455163d58cb0e95da446484
SHA1

10f1137e9157b2bef3a5a61c1487eaa1b4458ec6
SHA256

1d4cb30df1aab29623c4ba446e146019d91ef3bb14eb5b331b17227be759ba40
SHA512

18db2a277edb5262b7f6d44cfc1efa8f5df8fb6dd00d6468e5593926d1811bb863a09e77aa8cc9cdf56557f2c15a3416dcc61b66a07a680f50825c1bcef67bda
SSDEEP

768:NLY9qwqOV9h2N2Px2t2B2d2R2A0jTnRpRJ+BHFbLNO/DloKURp4jB+b:N89qwqOV9h2N2J2t2B2d2R2A0jTn3Rkk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb75da004455163d58cb0e95da446484_JaffaCakes118

Files

eb75da004455163d58cb0e95da446484_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d11206c4a52f30174760f1e1f11fc022

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryA
MoveFileExA
GetTickCount
GetLastError
Sleep
GetProcessHeap
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

wsprintfA

advapi32

OpenSCManagerA
QueryServiceStatus
EnumDependentServicesA
OpenServiceA
ControlService
CloseServiceHandle
DeleteService

Exports

Exports

RemoveHeur
ScanHeur

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d11206c4a52f30174760f1e1f11fc022

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB