0213b8e416a5ee028da1ef6e259ce67a_JaffaCakes118

General

Target

0213b8e416a5ee028da1ef6e259ce67a_JaffaCakes118
Size

55KB
MD5

0213b8e416a5ee028da1ef6e259ce67a
SHA1

4d31d021cdb29fd049ced429e7474c51f41b83e9
SHA256

4990346f6b8b93f0c4c84f54ab62e9085498ae2e2bb1fd84763497a35d41db19
SHA512

61cb25f06f190e3cc45158dd6abf256ca3290a2d7b1ce230826f636fd5e8ffdb563add6d8178d92fcc8de1319da446db800001f9ffc0bbf9a798d8f3d1efb0ed
SSDEEP

768:KLzy5SwtArmCILkDI12Gx1q3xmrmmETds0fU9+vrZjsG/9XFL3pDigaNkFSx0ikO:KFwtl87GrozHs09rpjTkgajx0PVcpdr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0213b8e416a5ee028da1ef6e259ce67a_JaffaCakes118

Files

0213b8e416a5ee028da1ef6e259ce67a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cdc3597a1703b2be9d984f39b59d3d93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

interhafaicee.pdb

Imports

kernel32

FreeLibrary
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileSectionA
SetErrorMode
UnmapViewOfFile
WriteFile
HeapAlloc
GetFileSize
GetTickCount
GetTempPathA
SetUnhandledExceptionFilter
FindFirstFileA
FindFirstFileExA
ReadFile
SetFilePointer
GetFileAttributesA
GetCurrentProcess
LocalAlloc
GetProcessHeap
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
FindClose
CreateFileMappingA
HeapFree
LoadLibraryA
SetLastError
GetPrivateProfileStringA
GetCurrentDirectoryA
CreateFileA
GetLastError
OpenProcess
GetFileInformationByHandle
RemoveDirectoryA
FindNextFileA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
MapViewOfFile
CopyFileA
GetFullPathNameA
QueryPerformanceCounter
GetFileAttributesExA
DeleteFileA
FlushViewOfFile
SetEndOfFile
SetCurrentDirectoryA
GetProcAddress
ExpandEnvironmentStringsA
Sleep
CloseHandle
LocalFree
SetFileAttributesA
GetTempFileNameA
TerminateProcess

user32

GetDesktopWindow
GetNextDlgTabItem
FindWindowA
GetDlgItemTextA
DestroyWindow

advapi32

OpenProcessToken
LookupPrivilegeValueA
ConvertStringSidToSidA
AdjustTokenPrivileges

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

bnrfhzfvh

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdc3597a1703b2be9d984f39b59d3d93

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

version

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 38KB

.data Size: 14KB - Virtual size: 14KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 38KB

.data
Size: 14KB - Virtual size: 14KB

.reloc
Size: 1KB - Virtual size: 1KB