403a1215941f173d63e33aa9e631c10e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

403a1215941f173d63e33aa9e631c10e_JaffaCakes118
Size

80KB
MD5

403a1215941f173d63e33aa9e631c10e
SHA1

b9b57fa066fc166dd58da3159a5ef66367f054c4
SHA256

e655c3cbcb1ff22d831658a5e8e4fc658918313a0914acae53570579e03276b9
SHA512

773bed12de0ddb5aa6d7573a3beaa3f029d913bd8ecb48c9653f51d0e3ffe69e7115b4befae5c78c8c75d10aa7ac70ec861a270f42bcca33c5b959d01553c0d7
SSDEEP

1536:fxG9/EWwl6KnrtQ6kVRW58cxpZNa9n4ecOa9wFK2yhgxw3bzpYetzriO:5v6KnrtQ6kVY58k0p4ecCK2yhj3HpjfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
403a1215941f173d63e33aa9e631c10e_JaffaCakes118

Files

403a1215941f173d63e33aa9e631c10e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b7d73071515c7f7e36a89ddb4108101a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

o.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
FlushViewOfFile
GetStringTypeA
GetStringTypeExA
GetFullPathNameW
CloseHandle
InterlockedDecrement
GetProcAddress
WaitForSingleObject
SetEndOfFile
TlsAlloc
DeleteFileW
HeapFree
GetEnvironmentVariableA
lstrlenA
InterlockedExchange
GetSystemTimeAsFileTime
SetHandleCount
QueryPerformanceCounter
DeleteFileA
CompareFileTime
OpenFileMappingA
SetLastError
GetCurrentThreadId
GetCPInfo
lstrlenW
HeapDestroy
CreateFileA
GetEnvironmentStrings
GetDiskFreeSpaceA
lstrcmpA
CreateFileW
InitializeCriticalSection
LocalFree
MoveFileW
TerminateProcess
CreateMutexA
HeapReAlloc
VirtualAlloc
GetStartupInfoA
TlsGetValue
GetLastError
WideCharToMultiByte
UnhandledExceptionFilter
CreateMutexW
EnterCriticalSection
GetSystemInfo
SetFilePointer
VirtualQuery
DeleteCriticalSection
InterlockedIncrement
Sleep
GetOEMCP
CreateFileMappingW
GetStdHandle
SetEvent
SetFileTime
CreateThread
MultiByteToWideChar
LeaveCriticalSection
ReleaseMutex
IsBadReadPtr
OpenFileMappingW
GetLocaleInfoA
FreeEnvironmentStringsW
GetFileSize
MoveFileA
FreeEnvironmentStringsA
FreeLibrary
GetStringTypeW
CreateFileMappingA
GetFileType
MapViewOfFile
VirtualProtect
HeapCreate
GetVersionExA
GetFullPathNameA
HeapAlloc
IsDBCSLeadByte
LocalAlloc
GetACP
GetCurrentProcessId
lstrcmpiA
LoadLibraryA
TlsFree
CreateEventA
VirtualFree
SetUnhandledExceptionFilter
GetTickCount
GetDiskFreeSpaceW
DisableThreadLibraryCalls
GetCurrentProcess
UnmapViewOfFile
LCMapStringA
GetEnvironmentStringsW
SetEnvironmentVariableA

Exports

Exports

urkakvsne

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7d73071515c7f7e36a89ddb4108101a

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.data Size: 24KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 580B

.text
Size: 44KB - Virtual size: 41KB

.data
Size: 24KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 580B