f61cfa4243b9bc0357569b28611c4ed5_JaffaCakes118

General

Target

f61cfa4243b9bc0357569b28611c4ed5_JaffaCakes118
Size

124KB
MD5

f61cfa4243b9bc0357569b28611c4ed5
SHA1

09d083c2c38a3c17fccd9d50ce8490ff7c93171e
SHA256

e387b245ed0baf558a1a5e540a587ae4e8f56389c9dee81ed42e3684e27f3ffe
SHA512

5c2f7509da03763c661ce923d5018838ab65cb9181e7461f1cc02745f76e83b46741304e2934ce31cdfbdabd0051925d192ac8615b6ad6c911b32050deb48aa2
SSDEEP

1536:f1TOHYPYq9qoCXmRDFrLFxUcPwj5Fr2et+S+owYQ/rAMgB5smzLNVL3nblrY:6YwsnPUDfye+2BMgBrjDblrY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f61cfa4243b9bc0357569b28611c4ed5_JaffaCakes118

Files

f61cfa4243b9bc0357569b28611c4ed5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0439bac81260b1270821b5965bc2f98a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte
SetEvent
WaitForSingleObject
ResetEvent
GetCurrentThreadId
CloseHandle
CreateEventA
InterlockedDecrement
SetUnhandledExceptionFilter
GetCurrentProcessId
WriteFile
GlobalAlloc
GlobalFree
GetComputerNameW
GetACP
GetOEMCP
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcess
TerminateProcess
VirtualProtect
InterlockedIncrement
GetCommandLineA
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
RtlUnwind
GetVersionExA
InterlockedExchange
VirtualQuery
ExitProcess
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
HeapAlloc
GetCPInfo
VirtualAlloc
HeapReAlloc
LoadLibraryA
HeapSize
LCMapStringA
LCMapStringW
GetSystemInfo

user32

LoadStringW

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA

ole32

CoTaskMemFree
ProgIDFromCLSID
CLSIDFromString

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0439bac81260b1270821b5965bc2f98a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 37KB

.rsrc Size: 28KB - Virtual size: 25KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 37KB

.rsrc
Size: 28KB - Virtual size: 25KB

.reloc
Size: 4KB - Virtual size: 3KB