f6930c8dff6e5530fe667bcb38bf7c0b_JaffaCakes118

General

Target

f6930c8dff6e5530fe667bcb38bf7c0b_JaffaCakes118
Size

476KB
MD5

f6930c8dff6e5530fe667bcb38bf7c0b
SHA1

9492073a91e3d1bf389304bd6b57545c60a64550
SHA256

45468a4cc93ee3af140fa1fbdc822c2c103ef50485fbf2f874eaea966588158f
SHA512

4b67026be59673b455f357c15171a2e007c9f54008118369ae9799605ae8fedf93886d2c048e9bc6acea58f641a0d0675fc49e32c8aa80a56b9a630680985644
SSDEEP

6144:G6rJbbSMJJ1qPBfCYtm2RN/048xjpqjOeIkoMpYNWLkVHH7drzErvmz9:G6rlJ3qPp87SOeIQYNZdT9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6930c8dff6e5530fe667bcb38bf7c0b_JaffaCakes118

Files

f6930c8dff6e5530fe667bcb38bf7c0b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

13ce41e81e1adb78ad00197766496d7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
FlushFileBuffers
lstrcpyA
MultiByteToWideChar
GetStringTypeW
lstrlenA
WideCharToMultiByte
GetACP
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapAlloc
RtlUnwind
GetLastError
HeapFree
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapSize
InitializeCriticalSection
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle

rpcrt4

UuidCreateSequential

Exports

Exports

plugin_main

Sections

.text
Size: 340KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13ce41e81e1adb78ad00197766496d7f

Headers

File Characteristics

Imports

kernel32

rpcrt4

Exports

Exports

Sections

.text Size: 340KB - Virtual size: 337KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 340KB - Virtual size: 337KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 36KB - Virtual size: 35KB