JaffaCakes118_9085c7119d7a03c90c220455e25ec2f614bf6a2f3887865e216ce26c105d299b

General

Target

JaffaCakes118_9085c7119d7a03c90c220455e25ec2f614bf6a2f3887865e216ce26c105d299b
Size

658KB
MD5

5e65abb2d583947e9abaee97392dc643
SHA1

b4b28234693a8901d72fc95f00b06c2f08fc6478
SHA256

9085c7119d7a03c90c220455e25ec2f614bf6a2f3887865e216ce26c105d299b
SHA512

35947ac142a5515defdf941d41a069cd63df99ed5054facfde40471ff4108e6905f86031bc662d15d7f3b583a647a7a481ba6e41300a2f8ebd7cca445fcc3539
SSDEEP

12288:sK14b4389a83V0osG9Uddv3iS3GDDnc77T2F20egyV4HtE4sbB7sHyXaH:f4bJ9a8l0BG9UhWPnk2FvyVStk75w

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/core/rewardx64.dat

JaffaCakes118_9085c7119d7a03c90c220455e25ec2f614bf6a2f3887865e216ce26c105d299b
.zip

Password: infected
core/cmd.bat
core/license.dat
core/rewardx64.dat
.dll windows:6 windows x64 arch:x64

f6bdd1c75556d961afd6fb8104c342ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
EnterCriticalSection
DeleteCriticalSection
TlsGetValue

Exports

Exports

CvecqddpuHjxhlckWoqegqu
DllMain
GxddelRzybusebkUlzclidtrm

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ