13530e11e06b4a0cbd85bcf6c8eab72b_JaffaCakes118

General

Target

13530e11e06b4a0cbd85bcf6c8eab72b_JaffaCakes118
Size

152KB
MD5

13530e11e06b4a0cbd85bcf6c8eab72b
SHA1

2c8441c9d4b042ca7c78341cd9fc47f65934cc5a
SHA256

fad4d9504c483166a1dc72754402b20764259f42d4912ba09700ddf9cfbb1d0d
SHA512

ac0694cebc8e76656933f2ac0fb829b326dd6f70b13f45d0cf34f94ffcb901ebab31c5d92a828ae3f77c6230f04d5e8cb85519cdcd035e96860681933f894187
SSDEEP

3072:o60MEvb3UwokCs1CyhMFKh2eH9HVGAXxegnArf:3mD3UwoFSC2MwhJOAh1A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13530e11e06b4a0cbd85bcf6c8eab72b_JaffaCakes118

Files

13530e11e06b4a0cbd85bcf6c8eab72b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

769548143e016432052532d4bb7784d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mst123.pdb

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free

kernel32

LoadLibraryA
EnterCriticalSection
CreateEventA
CloseHandle
WaitForMultipleObjects
GetTickCount
SetThreadPriority
CreateThread
GetLastError
ResetEvent
PurgeComm
GetOverlappedResult
WriteFile
ClearCommError
ReadFile
InterlockedDecrement
SetCommTimeouts
GetCommTimeouts
FreeLibrary
GetProcAddress
GetCommState
SetEvent
LocalAlloc
LocalReAlloc
lstrcpyA
lstrlenA
lstrcmpA
SetUnhandledExceptionFilter
LoadLibraryExA
lstrcpynA
GetSystemDirectoryA
lstrcatA
WaitForSingleObject
Sleep
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LocalFree
VirtualAlloc
QueryPerformanceCounter

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegOpenKeyA
RegFlushKey

user32

CharNextA

Exports

Exports

T123_CreateTransportInterface

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

769548143e016432052532d4bb7784d8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 120B

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 120B

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 4KB - Virtual size: 1KB