2816689d6ee4b30ca882807f24098d40_JaffaCakes118

General

Target

2816689d6ee4b30ca882807f24098d40_JaffaCakes118
Size

149KB
MD5

2816689d6ee4b30ca882807f24098d40
SHA1

948b5c94720c712cef69b564ac57a4c15066909a
SHA256

eaff67c298eea8fd3a429c6ae436cfe942bd4d88b9f311a5862fa9eef607d01c
SHA512

3c7cb3d2fc3ada811ff0d27915eb135801cc7da72666736178856e9eb75e517e4c4ffe8fa8b86a64d970d33f0216948fc479cc86e2b6194a27965f094ccb6837
SSDEEP

1536:1AKK4o1uBf6EXt4OhpaaXaFG4l2ZZrd8OBf+yKbBDAovCvtDcaJm/hg:GTl1kF4O1ocP5B+bM9cjg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2816689d6ee4b30ca882807f24098d40_JaffaCakes118

Files

2816689d6ee4b30ca882807f24098d40_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1e1417a40704847edc763354d3fea436

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

factUservice.pdb

Imports

kernel32

InterlockedCompareExchange
GetProfileIntA
CreateIoCompletionPort
SuspendThread
FindAtomA
WritePrivateProfileSectionA
FormatMessageA
InterlockedExchangeAdd
WritePrivateProfileStructA
lstrcatA
GetModuleFileNameA
GetAtomNameA
GetNumberOfConsoleMouseButtons
FileTimeToLocalFileTime
CloseHandle
GetConsoleOutputCP
SetConsoleOutputCP
LoadLibraryA
GetLastError
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary
InterlockedExchange
RaiseException

msvcrt

exit

Exports

Exports

AppActive
AppJava
AppSpoolTitle

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 1024B - Virtual size: 745B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e1417a40704847edc763354d3fea436

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 6KB - Virtual size: 6KB

.idata Size: 105KB - Virtual size: 105KB

.didat Size: 1024B - Virtual size: 745B

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 52KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 6KB - Virtual size: 6KB

.idata
Size: 105KB - Virtual size: 105KB

.didat
Size: 1024B - Virtual size: 745B

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 52KB