3808342d6baaaf24081e0127912b0ce0_JaffaCakes118

General

Target

3808342d6baaaf24081e0127912b0ce0_JaffaCakes118
Size

151KB
MD5

3808342d6baaaf24081e0127912b0ce0
SHA1

f34b92fefd180151eceae9073bc2d1a6025c265c
SHA256

4ef91c8a874eb5b277c05ee6f22a44580e96344a0f54d1943b4822cd9008242d
SHA512

99de4f6cb8bf84d8933269c608f2bfac36d8c4cee2bfb5570a6d71c35504e11d2692e89cceefaf7bcbd0f67a21558e392f1bb6f9f77d2e9c0f613b085b839324
SSDEEP

1536:Sq8dGUzrzMjRdj3gwKuWfFe3zB5DQzFdIcYJPshmhK1EyWBHgZvrojnppDe:SHdnzUjRepu4eldufYE0BHgSLppDe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3808342d6baaaf24081e0127912b0ce0_JaffaCakes118

Files

3808342d6baaaf24081e0127912b0ce0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1e1417a40704847edc763354d3fea436

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

factUservice.pdb

Imports

kernel32

InterlockedCompareExchange
GetProfileIntA
CreateIoCompletionPort
SuspendThread
FindAtomA
WritePrivateProfileSectionA
FormatMessageA
InterlockedExchangeAdd
WritePrivateProfileStructA
lstrcatA
GetModuleFileNameA
GetAtomNameA
GetNumberOfConsoleMouseButtons
FileTimeToLocalFileTime
CloseHandle
GetConsoleOutputCP
SetConsoleOutputCP
LoadLibraryA
GetLastError
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary
InterlockedExchange
RaiseException

msvcrt

exit

Exports

Exports

AppActive
AppJava
AppSpoolTitle

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 1024B - Virtual size: 745B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e1417a40704847edc763354d3fea436

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 6KB

.idata Size: 108KB - Virtual size: 107KB

.didat Size: 1024B - Virtual size: 745B

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 52KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 6KB

.idata
Size: 108KB - Virtual size: 107KB

.didat
Size: 1024B - Virtual size: 745B

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 52KB