01f86a1b00280b5e8a9b285b55d27714_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01f86a1b00280b5e8a9b285b55d27714_JaffaCakes118
Size

316KB
MD5

01f86a1b00280b5e8a9b285b55d27714
SHA1

a826f842875ca6fe0b723827b31276ce42723b2f
SHA256

7889a62305cf0a4980bee5df7a9b8f1b594df494a640093a44ea63506e75d15f
SHA512

2c8ced923bd2d71062f6bf69937de0f07e2071bcd35788c4b638229bf972acc03966b7015f3cc6ea390bd80abc2543ea6464cd42cea3a4080797f88989f1b88c
SSDEEP

6144:2AaYNSPh5UTbGLMlNKVhk+VbRfvhCDD2wQiYFz5UTbGLMlNKV:2A+mbGigPVIDD+iYPmbGig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01f86a1b00280b5e8a9b285b55d27714_JaffaCakes118

Files

01f86a1b00280b5e8a9b285b55d27714_JaffaCakes118
.exe windows:6 windows x86 arch:x86

a45b3ad4e18a99ca2748b60b840c337c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projekty\C++\SimpleHack2\Release\SimpleHack2.pdb

Imports

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf_s

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

kernel32

Process32Next
GetSystemTimeAsFileTime
GetCurrentThreadId
ReadProcessMemory
GetCurrentProcessId
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
WriteProcessMemory
QueryPerformanceCounter
Module32Next
OpenProcess
CloseHandle
Sleep
CreateToolhelp32Snapshot
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_execute_onexit_table
_cexit
abort
_invalid_parameter_noinfo_noreturn
system
_register_onexit_function
_crt_at_quick_exit
_crt_atexit
terminate
exit

api-ms-win-crt-string-l1-1-0

memset

vcruntime140

_except_handler4_common
_CxxThrowException
__std_exception_copy
memmove
__FrameUnwindFilter
__std_exception_destroy

msvcp140

?__ExceptionPtrCopy@@YAXPAXPBX@Z
?_Xlength_error@std@@YAXPBD@Z
?__ExceptionPtrDestroy@@YAXPAX@Z

user32

GetAsyncKeyState

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-math-l1-1-0

remainderf
_fdtest

api-ms-win-crt-convert-l1-1-0

atof

mscoree

_CorExeMain

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a45b3ad4e18a99ca2748b60b840c337c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

vcruntime140

msvcp140

user32

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

mscoree

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 189KB - Virtual size: 189KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 86KB - Virtual size: 85KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 189KB - Virtual size: 189KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 86KB - Virtual size: 85KB

.reloc
Size: 1KB - Virtual size: 1KB