e84729011f52ca4e5e6ae4ed485a9282_JaffaCakes118

General

Target

e84729011f52ca4e5e6ae4ed485a9282_JaffaCakes118
Size

23KB
MD5

e84729011f52ca4e5e6ae4ed485a9282
SHA1

951e905b3391f81b70b855180db6f8555165d76d
SHA256

c25550b293cf4b8ccc6d1f9ad3768a47f9958026092e36546774ce662d15f6ca
SHA512

2562e1d620535025dce1aff75d0ca1e1eb2ef7190aaf5d6eb736c3842a977e3e1ddf1098c384784ee07eb3d4f51744148827eec809b9b6d5f0220f371cf65661
SSDEEP

384:dPePR1S55NW97UDlrH/4b9eNl8DsMAubuaDLc6HQxcaUXJ2sCrGTiN:dAR85PRpLNiQ5SpQS8Hp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e84729011f52ca4e5e6ae4ed485a9282_JaffaCakes118

Files

e84729011f52ca4e5e6ae4ed485a9282_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2eec7ab8c9bba70ebb8197eab2fbcb9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscat32

CryptCATOpen

kernel32

Sleep
MultiByteToWideChar
GetModuleHandleW
SizeofResource
GetDateFormatW
LockResource
GetCurrentProcessId
FreeLibrary
GetComputerNameW
LeaveCriticalSection
GetSystemTimeAsFileTime
WaitForMultipleObjectsEx
GlobalSize
InterlockedIncrement
CompareStringW
GetSystemWindowsDirectoryW
HeapFree
LoadResource
GetModuleFileNameW
UnhandledExceptionFilter
lstrcmpW
IsBadWritePtr
HeapAlloc
GetProcAddress
lstrcpyW
GetCommandLineW
lstrlenA
SystemTimeToTzSpecificLocalTime
lstrcmpiW
VirtualAlloc
LoadLibraryA
GlobalFree
DeleteCriticalSection
GetTickCount
LoadLibraryExW
GetLastError
VirtualFree
GetCurrentProcess
InterlockedExchange
GetSystemDirectoryW
EnterCriticalSection
GlobalUnlock
DnsHostnameToComputerNameW
InterlockedDecrement
LocalAlloc
lstrcpynW
InitializeCriticalSection
FindResourceW
GlobalAlloc
SystemTimeToFileTime
SetLastError
LocalFree
lstrlenW
GetTimeFormatW
FormatMessageW
CompareFileTime
QueryPerformanceCounter
FlushInstructionCache
SetUnhandledExceptionFilter
GetCurrentThreadId
GetProcessHeap
GetWindowsDirectoryW
TerminateProcess
LoadLibraryW
GlobalLock

ole32

CoInitialize

Sections

.text
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2eec7ab8c9bba70ebb8197eab2fbcb9a

Headers

File Characteristics

Imports

mscat32

kernel32

ole32

Sections

.text Size: 512B - Virtual size: 396B

.data Size: - Virtual size: 96KB

.rsrc Size: 13KB - Virtual size: 13KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.text
Size: 512B - Virtual size: 396B

.data
Size: - Virtual size: 96KB

.rsrc
Size: 13KB - Virtual size: 13KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB