ea88491da04af9b09050cf2f5026801d_JaffaCakes118

General

Target

ea88491da04af9b09050cf2f5026801d_JaffaCakes118
Size

704KB
MD5

ea88491da04af9b09050cf2f5026801d
SHA1

bc808485e6cf28f4f98a79bcbb12c30ec12cd5dc
SHA256

1dad932e8f9c5c0b2ff1fd7576638d0f9ab7e9a16c778709426f4ed0c676cdd9
SHA512

089b95ecf425b559bcd2a7c93f18595dbe1ddc7450a9cf4b421c360198c62b916ff1da382c6d289d240b4790738923392ad3d7f11281b468d1b2785780347311
SSDEEP

12288:bXYZbbIvcQ+zxBcz5RrNrERFJcXqSLpn8c3Fw6sxEIu:bIdIvj+zPcz5RhrERFJcv1n/sxEI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea88491da04af9b09050cf2f5026801d_JaffaCakes118

Files

ea88491da04af9b09050cf2f5026801d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d07cba51ce63a058d38ccc2579afb31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CloseHandle
WaitForSingleObject
CreateThread
GlobalFree
GlobalAlloc
VirtualFree
GetProcAddress
GetTickCount
GetModuleHandleA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLastError
RaiseException
SetUnhandledExceptionFilter
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
Sleep
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d07cba51ce63a058d38ccc2579afb31

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 612KB - Virtual size: 611KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 612KB - Virtual size: 611KB

.reloc
Size: 8KB - Virtual size: 5KB