45bcf2462da4edd82ca6550d5e5bedbd_JaffaCakes118

General

Target

45bcf2462da4edd82ca6550d5e5bedbd_JaffaCakes118
Size

147KB
MD5

45bcf2462da4edd82ca6550d5e5bedbd
SHA1

2b87a4586797bbcfbcbd8a5277921a0ea1f5a1b1
SHA256

607d98c0f29c272a41534d3e2e82ce6d4cc07d30d8e9bd8b5c894e754eedf546
SHA512

6cc6987db60f6716682976860be868de7e8b4bd28aca8863c962efcb6799ebbb2fbe39df04c6900143fb8d3883d2b5bc11bd90e04fd6cda8299703d5892d74cb
SSDEEP

1536:eyTq7dd55INrkXIH+mztRmKDKnfos3ps3NXbDpE5pgEmBeGOudGf3eo:PTq7dd4rkY7cw8SXYgEsO7v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45bcf2462da4edd82ca6550d5e5bedbd_JaffaCakes118

Files

45bcf2462da4edd82ca6550d5e5bedbd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

301a8485f58e0c39d135082d7f7a3522

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringW
GetLogicalDrives
CreateMailslotW
CreateHardLinkW
ReplaceFileW
LoadResource
WriteTapemark
OutputDebugStringW
MoveFileExA
GetTapePosition
InitializeCriticalSectionAndSpinCount
ReadConsoleOutputW
InterlockedIncrement
UpdateResourceA
SetSystemTime
GetTapeStatus
GlobalDeleteAtom
TlsSetValue
ReadConsoleOutputCharacterA
SetThreadIdealProcessor
SearchPathW
RemoveDirectoryW
UnregisterWaitEx
TerminateJobObject
EnumResourceNamesA
FindNextFileA
QueryDosDeviceW
SetCurrentDirectoryW
SetConsoleCtrlHandler
TlsAlloc
TlsGetValue
TlsFree

winmm

midiInGetErrorTextW
midiInOpen
midiOutPrepareHeader
midiInStop
midiInMessage

Exports

Exports

PointFileCronPower

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

301a8485f58e0c39d135082d7f7a3522

Headers

File Characteristics

Imports

kernel32

winmm

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 1024B - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 15KB

.CRT Size: 18KB - Virtual size: 17KB

.tls Size: 41KB - Virtual size: 40KB

.reloc Size: 1024B - Virtual size: 108KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 1024B - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 15KB

.CRT
Size: 18KB - Virtual size: 17KB

.tls
Size: 41KB - Virtual size: 40KB

.reloc
Size: 1024B - Virtual size: 108KB