JaffaCakes118_4e2985f816d8030cd490e4d8c06356fc236c08410ec40677f0dfa26e4d08a701

General

Target

JaffaCakes118_4e2985f816d8030cd490e4d8c06356fc236c08410ec40677f0dfa26e4d08a701
Size

362KB
MD5

0b5951c2ed90ea5c0171490edeb32b93
SHA1

0b3e7cb821c6845f72f2c6f61b3d3f463d1becd2
SHA256

4e2985f816d8030cd490e4d8c06356fc236c08410ec40677f0dfa26e4d08a701
SHA512

30186d76bd05a2aba68175d9f810afe5ed4db2629da0b7288fddfc876e3dcaee9f2bfa21d217254edf6ad12a5f29177764057fd35c763ebd44a581080604a998
SSDEEP

6144:MCHOdzMdSC81UujxPmIhjPWuCege7ZxqCG7xOwVZW8xbCQ+v2kA8:jszC81fjxH5Wu7ZIXpxbwDA8

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/core/asthma-x64.tmp

JaffaCakes118_4e2985f816d8030cd490e4d8c06356fc236c08410ec40677f0dfa26e4d08a701
.zip
core/asthma-x64.tmp
.dll windows:6 windows x64 arch:x64

61718d212d8522be3c14ed0f3f01f07d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
GetLastError
TlsGetValue

Exports

Exports

DllMain
LqrjxxvEhqchnWhzgv
QyfacruimdkwovZvnyhmiowawo

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 754B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
core/cmd.bat
core/license.dat