JaffaCakes118_dd5283c0cf2af868ba78c25fa48115246737ae5cd36d21fff95d03a96a1fc456

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_dd5283c0cf2af868ba78c25fa48115246737ae5cd36d21fff95d03a96a1fc456
Size

368KB
MD5

37e853f4bb7a201d84da82a20fb322d5
SHA1

94de3379728b8bea474d492a50a144b2717d69a1
SHA256

dd5283c0cf2af868ba78c25fa48115246737ae5cd36d21fff95d03a96a1fc456
SHA512

8558c9f65df5429305673c20537878ceeeb080d1c5995270abf307c773f20d14950fdd7c7ed1757833c4ee5ca71221e4cf59c0d8d98ccf43984d942a0cbc08fa
SSDEEP

6144:4pW5yM4eF6MOl7SfFPFY0Hi1PkZkWM6gD2X4sCC8rJpDRjM:4Q5yB78fFPTHi1Pku6gSIsC3FvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_dd5283c0cf2af868ba78c25fa48115246737ae5cd36d21fff95d03a96a1fc456

Files

JaffaCakes118_dd5283c0cf2af868ba78c25fa48115246737ae5cd36d21fff95d03a96a1fc456
.dll windows:6 windows x86 arch:x86

9e960c71a2548749d0e4ca7b79f1ef85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\rest\Mean-Capital\roll\Three\Help.pdb

Imports

kernel32

FileTimeToSystemTime
GetModuleFileNameW
GetTempPathW
VirtualProtectEx
SetConsoleOutputCP
CreateEventW
TlsAlloc
GetWindowsDirectoryW
GetVersion
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
GetLastError
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
HeapSize
SetLastError
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
HeapReAlloc
CreateFileW

ole32

OleSetContainedObject
OleUninitialize
OleInitialize

urlmon

URLOpenStreamW
CoInternetCombineUrl
CoInternetCompareUrl
CoGetClassObjectFromURL
URLOpenPullStreamW
URLDownloadToFileW

msimg32

AlphaBlend
TransparentBlt
GradientFill

Exports

Exports

WICConvertBitmapSource

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e960c71a2548749d0e4ca7b79f1ef85

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ole32

urlmon

msimg32

Exports

Exports

Sections

.text Size: 271KB - Virtual size: 271KB

.rdata Size: 83KB - Virtual size: 83KB

.data Size: 5KB - Virtual size: 63KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 271KB - Virtual size: 271KB

.rdata
Size: 83KB - Virtual size: 83KB

.data
Size: 5KB - Virtual size: 63KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 6KB - Virtual size: 5KB