2d9f9525394d8fb313ff2647a033c2a1_JaffaCakes118

General

Target

2d9f9525394d8fb313ff2647a033c2a1_JaffaCakes118
Size

43KB
MD5

2d9f9525394d8fb313ff2647a033c2a1
SHA1

075369604caf2072b224d0abcc4e4a01e0ccb9c1
SHA256

e0fd6c159684156bbd205b5923c83d3e1fe16b6adcf280ad4d807a4c7504e466
SHA512

b6ee8debcaa41ccae4aee5e5c2ecfe6a3f05ba355be7e5b3a2396f30d9f4f95b47217d694aa65acfa3bea2e522314577d0fc8517396af9c6bc29db27fa1cafa7
SSDEEP

768:veLmEPaYQfWuwmg/cceYYsWQcDY7Vo+828sQ2DDOlwr1:2jPa1+kgwYYsODY38sDDOlU1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d9f9525394d8fb313ff2647a033c2a1_JaffaCakes118

Files

2d9f9525394d8fb313ff2647a033c2a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

00969a8194cb4c01216fd8824081cc50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
DefineDosDeviceA
LoadLibraryW
CreateProcessInternalA
CreateDirectoryExW
GetVersion
GetModuleHandleW
GetCurrentThread
FreeLibrary
GetTimeFormatA
GetProfileSectionW
SetCommBreak
lstrcmpiA
WaitCommEvent
EnumCalendarInfoW
ReadFileScatter
BuildCommDCBAndTimeoutsW
VerifyVersionInfoW
WriteTapemark
LocalCompact

linkinfo

DestroyLinkInfo
CreateLinkInfoW
ResolveLinkInfoA
GetCanonicalPathInfoA
CreateLinkInfo
GetCanonicalPathInfo
IsValidLinkInfo
GetLinkInfoData
ResolveLinkInfo
CreateLinkInfoA
CompareLinkInfoReferents
DisconnectLinkInfo
CompareLinkInfoVolumes
ResolveLinkInfoW
GetCanonicalPathInfoW

user32

CreateDialogIndirectParamA
CreateCursor
SetCursorContents
GetInputState
ModifyMenuA
OemToCharBuffW
SendMessageTimeoutA
GetRawInputBuffer
DeferWindowPos
OffsetRect

ntdll

memchr
ZwReplyPort
RtlAnsiStringToUnicodeSize
RtlGetOwnerSecurityDescriptor
LdrFindResource_U
RtlCopySidAndAttributesArray
NtCreateTimer
RtlValidateHeap
RtlInt64ToUnicodeString
ZwCreateJobObject
NtUnloadKeyEx
ZwConnectPort
ZwCompressKey
RtlValidSid

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00969a8194cb4c01216fd8824081cc50

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

linkinfo

user32

ntdll

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 5KB