eacda298853326c0154421a01151ffd7_JaffaCakes118

General

Target

eacda298853326c0154421a01151ffd7_JaffaCakes118
Size

231KB
MD5

eacda298853326c0154421a01151ffd7
SHA1

c2d070ba133944cb78b77da1ad3850e63d485976
SHA256

a2155bfa2312b4e146e5b95c8b0bb553865fbd3e74af5378be81f82a1b6197a0
SHA512

992e1a1ed535b64968b94923e052b7d8e501b6c21d8fb2b3132d781d918cffa261f617aafe5a3ae4db431497e32efe7b8f64348a398f9fb558eadb63f32e1f3e
SSDEEP

6144:2dKpgesiAiG7rB/82oJ8pgSf2C5NmrGzufgA/:pgesf/PB02oJ+gSfHIxfgA/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eacda298853326c0154421a01151ffd7_JaffaCakes118

Files

eacda298853326c0154421a01151ffd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

650141b03fc6d8aeb9e38510f36a9f20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
_adjust_fdiv
_controlfp
?what@exception@@UBEPBDXZ
??3@YAXPAX@Z
_amsg_exit
__p__commode

kernel32

GetTempPathA
IsValidLocale
GetThreadLocale
GlobalHandle
SetStdHandle
OutputDebugStringA
HeapSize
lstrcmpiA
ExitProcess
GetOEMCP
CloseHandle
GetStdHandle
InterlockedIncrement
RaiseException
GetFileAttributesA
GetVersionExA
CreateFileA
GetLocaleInfoW
ReleaseMutex
GetFileSize
GetCurrentProcessId
SetHandleCount
GetACP
SetConsoleCP
IsDebuggerPresent
InterlockedCompareExchange
HeapAlloc
FreeLibrary
GetCurrentThreadId
GetStartupInfoA
FileTimeToLocalFileTime
VirtualProtect
TlsGetValue
FindFirstFileW
GetTempPathW
GetModuleHandleA
GetCPInfo
Sleep

user32

LoadMenuW
BeginPaint
GetScrollPos
ScreenToClient

version

GetFileVersionInfoSizeW

lz32

LZClose
LZCopy
LZRead

advapi32

RegQueryValueExA

gdi32

CreateDIBSection
SelectObject
DeleteObject

ole32

CoCreateInstance
GetClassFile
CLSIDFromProgID

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 70KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

650141b03fc6d8aeb9e38510f36a9f20

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

version

lz32

advapi32

gdi32

ole32

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 70KB - Virtual size: 79KB

.data Size: 512B - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 148B

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 70KB - Virtual size: 79KB

.data
Size: 512B - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 148B