038e1418fe05695ba771dc84b7c2fe70_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

038e1418fe05695ba771dc84b7c2fe70_JaffaCakes118
Size

152KB
MD5

038e1418fe05695ba771dc84b7c2fe70
SHA1

d344fe565808ea4474370900511f330f444ca05e
SHA256

0e3c5622612a19b2bfa7c4709d07b071e0cb25dee49785c05dcf7f60ab729b0c
SHA512

c984d489f235da300e2b6dc7a1ed5b29be1005b0767c503e7f3ae982dac00ac6699c40546e7e7d2c6c1ab47fee221bf9e28d03665aa1d862ec6f649d2252e087
SSDEEP

3072:5tnPpZlpIlcBVDhASo9Lg8BMZMTlMXSb33PLiZYriJqoQ:7nxGCHoBuZMOSb33CCibQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
038e1418fe05695ba771dc84b7c2fe70_JaffaCakes118

Files

038e1418fe05695ba771dc84b7c2fe70_JaffaCakes118
.dll windows:4 windows x86 arch:x86

647fe92306558cd5db033e6ab908b4f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dbgwizard.pdb

Imports

kernel32

InterlockedCompareExchange
GlobalFindAtomA
EnumSystemLocalesA
CompareFileTime
VerLanguageNameW
DeleteVolumeMountPointA
OpenFileMappingW
GlobalSize
CreateConsoleScreenBuffer
SetLocaleInfoW
GetAtomNameA
VirtualAlloc
GetLocalTime
WaitCommEvent
GetPrivateProfileIntW
CancelTimerQueueTimer
GlobalUnWire
GetVolumeInformationW
_lread
GetLongPathNameA
DeleteTimerQueueEx
CreateNamedPipeW
GlobalFree
ReadConsoleA
GetComputerNameExA
GetLastError
FindVolumeClose
DeleteCriticalSection
EscapeCommFunction
FreeLibraryAndExitThread
CreateTapePartition
VirtualProtect
ReleaseMutex
ReleaseSemaphore
FillConsoleOutputCharacterW
GetFileInformationByHandle
LocalUnlock

msvcrt

puts

Exports

Exports

LepAllocJob
LepBeginJob
LepFreeJob

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 420B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

647fe92306558cd5db033e6ab908b4f9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 40KB - Virtual size: 38KB

gdata Size: 32KB - Virtual size: 31KB

hdata Size: 32KB - Virtual size: 31KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 420B - Virtual size: 20KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 40KB - Virtual size: 38KB

gdata
Size: 32KB - Virtual size: 31KB

hdata
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 420B - Virtual size: 20KB