JaffaCakes118_3a92779f3987f2a870dccf69e02a30b1

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_3a92779f3987f2a870dccf69e02a30b1
Size

232KB
MD5

3a92779f3987f2a870dccf69e02a30b1
SHA1

886caff0edd127e2c8fd8740cbfd8dd7bd22dfca
SHA256

54d5ee4a19ec454c2850b177ed974f5d3b6ffcbecd0f1622e7cf331e67047c5a
SHA512

296af926ef017543cf2bc77b1d716189b93348e09c6154d259457a27294f08a7aef0c9099073cd7d29f2c7f438f75690022dc030120002b432264a64f9a9aa59
SSDEEP

3072:MiJQeQYiE6Zp0Glt9bnYNd/KG0DdFcXRrB5XUsI1FhCBA++KdVTyb+6VmC:RJQpTlt9L4BP05OBteIn+KvySC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3a92779f3987f2a870dccf69e02a30b1

Files

JaffaCakes118_3a92779f3987f2a870dccf69e02a30b1
.dll windows:4 windows x86 arch:x86

f451b5368f9f433428e081470f18df93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
TlsAlloc
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
UnhandledExceptionFilter
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
LoadLibraryA
HeapSize
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
RtlUnwind
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

InitializeEngineData
emptylogic__Constructor
emptylogic__Destructor

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f451b5368f9f433428e081470f18df93

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 7KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 148KB - Virtual size: 148KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 7KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 148KB - Virtual size: 148KB