3753810136e894c005347e108f5a2510_JaffaCakes118

General

Target

3753810136e894c005347e108f5a2510_JaffaCakes118
Size

116KB
MD5

3753810136e894c005347e108f5a2510
SHA1

2cf78edb59b497e360e9987f4f3dabcc0a870a0e
SHA256

8745c84071377e682b458fbb631f7812a5bddd88163a5ec093d0269e4e864774
SHA512

22fc92a5eb18a592bae640bfb2bd39f5b10ee2e88c40e9bfc0552f4c74904819f83ee071c9c8166beaaab7c2e351e62db894d5e30e396f6559f8ebceab5967bb
SSDEEP

1536:qPFeebNOaCoUxfnu2TBM5eXwvPIceZ49QDM0OfDwksbdup1q27Jvx0JHJ4SGjI30:MFeE1Cs0BMZHIctwYfDw23XQHJ4p1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3753810136e894c005347e108f5a2510_JaffaCakes118

Files

3753810136e894c005347e108f5a2510_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ede2e0e2811fe7211d5eba614a8dea43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAllocEx
CreateRemoteThread
MoveFileExA
WriteConsoleW
VirtualUnlock
SetEnvironmentVariableW
CopyFileW
GetDiskFreeSpaceA
SetThreadLocale
GetStringTypeExA
GetExitCodeProcess
AreFileApisANSI
GetFileAttributesExA
SetCommConfig
SetConsoleCP
LoadLibraryW
lstrcatA
FindResourceExW
OpenMutexA
GlobalAlloc
GlobalFree
UpdateResourceW
GetConsoleFontSize
WriteProfileStringA
InterlockedExchange
_lcreat
lstrcmpA
EnumTimeFormatsA
GetSystemDefaultLCID
ClearCommBreak
GetBinaryTypeW
SetDefaultCommConfigW
lstrlenW
ReleaseMutex
TlsFree
CreateRemoteThread
LocalAlloc
GetProcAddress
FreeLibrary
GetLastError
LoadLibraryA
RaiseException

advapi32

RegSaveKeyA
SetThreadToken
OpenEncryptedFileRawA
EncryptFileW
SetSecurityDescriptorRMControl
CreatePrivateObjectSecurity
RegDeleteKeyA
QueryServiceConfigW
MakeAbsoluteSD
RegEnumValueA
NotifyChangeEventLog
CryptDestroyHash
QueryServiceConfig2W
PrivilegedServiceAuditAlarmW

Exports

Exports

SyntaxCopyWord
SyntaxImportClipboard
SyntaxSoftware
SyntaxSubdirectoryAlpha
SyntaxVirtualization

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ede2e0e2811fe7211d5eba614a8dea43

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 18KB

.data Size: 88KB - Virtual size: 90KB

.reloc Size: 4KB - Virtual size: 80KB

.text
Size: 20KB - Virtual size: 18KB

.data
Size: 88KB - Virtual size: 90KB

.reloc
Size: 4KB - Virtual size: 80KB