3e3657b8a7e92b431d900f8251cd42fa_JaffaCakes118

General

Target

3e3657b8a7e92b431d900f8251cd42fa_JaffaCakes118
Size

65KB
MD5

3e3657b8a7e92b431d900f8251cd42fa
SHA1

553e448fc80abdbe47fbc5658d9f52e4d5eb7b50
SHA256

650f258bb3d50c09a489a4592493f255c6c1ea3adb4a8133bc2da55a555d537f
SHA512

910cd725d2e7490b63bbd6964c1def314c109eacaf0eadaf968c48b974dc43e6f81d61e7aed784a39dad5d1869d572fbc17341e4ab2dd334010613bdac181274
SSDEEP

1536:nsOoeYhBBBBBBB1uS0EFYziSS3G1TWXpcgZhPR9Uo3:nsOoeYBFE4Gq53

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e3657b8a7e92b431d900f8251cd42fa_JaffaCakes118

Files

3e3657b8a7e92b431d900f8251cd42fa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

519fb1a5a15839072b1a4e71ecf63bed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetErrorMode
GetLastError
FindNextFileA
FindClose
FreeLibrary
LoadLibraryExA
GetProcAddress
FindFirstFileA
TlsAlloc
SetHandleCount
LCMapStringW
DeleteFileA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
RemoveDirectoryA
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
EnterCriticalSection
LeaveCriticalSection
CloseHandle
InitializeCriticalSection
FlushFileBuffers
WriteFile
DeleteCriticalSection
ExitProcess
GetModuleHandleA
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
FormatMessageA
TlsFree
SetLastError
TlsGetValue
HeapAlloc
MultiByteToWideChar
LCMapStringA
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetStdHandle
SetFilePointer
CompareStringA
CompareStringW
GetACP
GetOEMCP
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
LoadLibraryA

advapi32

RegDeleteKeyA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA

ole32

OleInitialize
OleUninitialize

Exports

Exports

Get_Version
main

Sections

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

519fb1a5a15839072b1a4e71ecf63bed

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

Exports

Exports

Sections

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 54KB - Virtual size: 60KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 54KB - Virtual size: 60KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB