JaffaCakes118_0748ba4e3da132fc06603b30014ad2f0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0748ba4e3da132fc06603b30014ad2f0
Size

129KB
MD5

0748ba4e3da132fc06603b30014ad2f0
SHA1

57606117b0927f02644789dffe86ce872662ce00
SHA256

7b1c275099d11fa4e914ab0dc3faedbaf15713fcb7d79c7d99710ca581d52be6
SHA512

967e68328c5dc36c79452e5b587e8fb82619b1652eb445c4290d7bda76f79aebbd7a2dfd926fd27961c5d80b29e60414f61ee37d2a0e3a1d6a3bf9c47726f195
SSDEEP

3072:t/aWRGXhRqj+EFQ3KyE/bUvoijOQUuTW+K9Eu3P:t/aWAKPQmbUwQUC9K9EG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0748ba4e3da132fc06603b30014ad2f0

Files

JaffaCakes118_0748ba4e3da132fc06603b30014ad2f0
.dll windows:5 windows x86 arch:x86

8d0bb2d884caef4c9680ed6605a3454c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

_Decr@4
_Encr@4
_MyDecr@4
_MyEncr@4
_ZCDecr@4
_ZCEncr@4
_kjDecrypt@4
_kjEncrypt@4
hsfirst
wlfpfirst
wlfpnext

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d0bb2d884caef4c9680ed6605a3454c

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 4KB

.rmnet Size: 76KB - Virtual size: 76KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 4KB

.rmnet
Size: 76KB - Virtual size: 76KB