574e296c31b1448af454f1a9bf635951_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

574e296c31b1448af454f1a9bf635951_JaffaCakes118
Size

62KB
MD5

574e296c31b1448af454f1a9bf635951
SHA1

46c43f62b3d13a794a0da209aede39f5e23bd480
SHA256

a4977e2940d227dd4ed169cea69e795ef585fe48d8327b8be5294525f4d7e2f4
SHA512

776f509dc2a33d9a314c81901e9d925ca37648f911b3c552aa3ad09f8f8caedd20a0bec554ff7ae93ac15563d3df13f8affb8335ed63d584a596f0cb5824a12d
SSDEEP

1536:Qz5mz+70YOAtVjwJ9wiKu/6/PIF5XLk5hpO:QQY1OeY1Y5hp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
574e296c31b1448af454f1a9bf635951_JaffaCakes118

Files

574e296c31b1448af454f1a9bf635951_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2f3368661af7a63c35bfffcf32e6190e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Projects\WinRAR\FormatSrc\cab\build\32\Release\cab.pdb

Imports

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointer
ReadFile
CloseHandle
CreateFileA
HeapAlloc
HeapFree
DeleteFileA
WaitForSingleObject
CreateProcessA
lstrcmpiA
SetFileAttributesA
SetFileTime
CreateDirectoryA
HeapDestroy
FreeLibrary
HeapCreate
GetProcAddress
GetShortPathNameA
LoadLibraryA
GetLastError
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleA
Sleep
WideCharToMultiByte
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetEndOfFile
GetProcessHeap

Exports

Exports

Close
Extract
GetListItem
GetNextName
Open
Prepare

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f3368661af7a63c35bfffcf32e6190e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 4KB - Virtual size: 4KB