JaffaCakes118_5064800a1ff819297b5ae5d6f1034eb3db7c5f8875ff9687dba82c18e061e8be

General

Target

JaffaCakes118_5064800a1ff819297b5ae5d6f1034eb3db7c5f8875ff9687dba82c18e061e8be
Size

354KB
MD5

a2edd76d0b3f6fc954841e9f1fa76483
SHA1

ce8c9b4b04abe8411e32713c037aba57147038a1
SHA256

5064800a1ff819297b5ae5d6f1034eb3db7c5f8875ff9687dba82c18e061e8be
SHA512

73cba8f87dde732aa920e804e6c373afd6ce24a85ec9304fb6f4777040098cc87f5700e46506586260c9a1ac0829a8cd3f3aa5547bdd5ee28e6f6cba0a2f6d42
SSDEEP

6144:qWqN6iWl4ZJmrFeon44KQcjqUiPelK0R6iSO//FCT8z4f+Eo5gyv8aT8a3piSv:oRJmrY4KBO7mlZR6iL/F+i4Gheyea8Sv

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/subzero.png

JaffaCakes118_5064800a1ff819297b5ae5d6f1034eb3db7c5f8875ff9687dba82c18e061e8be
.zip

Password: infected
subzero.png
.dll windows:6 windows x86 arch:x86

0287a7604016003972a047b182e6c22a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForMultipleObjects
LeaveCriticalSection
WaitForSingleObject
DeleteCriticalSection
CreateFileA
WideCharToMultiByte
GetLastError
Sleep
EnterCriticalSection
InitializeCriticalSection
GetProcAddress
LoadLibraryA

Exports

Exports

AloperNoteW

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 430KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ