faecb8728ab724ebbe790acd4b0bc4a9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

faecb8728ab724ebbe790acd4b0bc4a9_JaffaCakes118
Size

64KB
MD5

faecb8728ab724ebbe790acd4b0bc4a9
SHA1

41cdd281b56680cd79a7c8fa6324d4045cf03168
SHA256

80db0cf06a357810ea46a4cb48c252c59c8f1494a6d7a79a79dc12af2e2e192a
SHA512

8cd76b39a29e6dc9e408635d018fea7c821689b198c6c6d84083b7001dffc13f6b44e64c8f75b173fabbe1e81e0c883f537dd7d04a2e4a176fd56a9dfefd5168
SSDEEP

768:yT0+1Af+6RA5gwVgJxom8ODdovQNjwNvffPbbcirKjkTotkdXX9A:yT0+1+VwVgJr8ODdXwpPPGYToCddA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faecb8728ab724ebbe790acd4b0bc4a9_JaffaCakes118

Files

faecb8728ab724ebbe790acd4b0bc4a9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4472e0337b847b0e7e35ece5f28d94d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\odin\miniloader\build\release\obj\src\main\miniloader-patchdate-stub.pdb

Imports

kernel32

ExitProcess
Beep
SetLocalTime
GetLocalTime
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CreateFileW
ReadFile
CreatePipe
CreateFileA
UnlockFile
LockFile
ReadConsoleInputW
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
PeekNamedPipe
GetFileInformationByHandle
DuplicateHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEndOfFile
ReadConsoleW
GetConsoleCP
IsDBCSLeadByteEx
GetConsoleMode
SetConsoleMode
ReadConsoleA
HeapWalk
HeapCompact
HeapValidate
CreateProcessW
CreateProcessA
FreeLibrary
WaitForSingleObject
GetExitCodeProcess
IsBadCodePtr
SetUnhandledExceptionFilter
IsBadReadPtr
RaiseException
MoveFileA
GetDriveTypeW
RemoveDirectoryW
MoveFileW
DeleteFileW
CreateDirectoryW
GetFullPathNameW
SetFileAttributesW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFileAttributesW
DeleteFileA
RemoveDirectoryA
CreateDirectoryA
GetDriveTypeA
GetFullPathNameA
SetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileAttributesA
SetErrorMode
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToLocalFileTime
FileTimeToSystemTime
Sleep
CompareStringW
CompareStringA
SetStdHandle
SetFilePointer
FlushFileBuffers
GetSystemInfo
VirtualProtect
HeapSize
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
GetLocaleInfoW
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
SetEnvironmentVariableW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualQuery
InterlockedExchange
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
RtlUnwind
InitializeCriticalSection
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineW
MultiByteToWideChar
LoadLibraryA
GetCPInfo
GetOEMCP
GetACP
GetStartupInfoA
GetFileType
SetHandleCount
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
HeapFree
HeapAlloc
FindFirstFileW
FindNextFileW
FindClose
FindFirstFileA
FindNextFileA
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
SetLastError
TlsAlloc
CreateThread
ResumeThread
GetLastError
CloseHandle
ExitThread
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetVersionExA
GetCommandLineA
GetCurrentThreadId
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetProcAddress
GetModuleFileNameW
GetModuleFileNameA
GetProcessHeap
MoveFileWithProgressA

Exports

Exports

kcfluvm

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4472e0337b847b0e7e35ece5f28d94d5

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 33KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 670B

.text
Size: 36KB - Virtual size: 33KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 670B