06c91d9cd933bf378bea778fcd69a150_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06c91d9cd933bf378bea778fcd69a150_JaffaCakes118
Size

14KB
MD5

06c91d9cd933bf378bea778fcd69a150
SHA1

699f8fb1ddca92d227b400c7410755bbf7a5ad8b
SHA256

48dee935470278f7f1f93397b06af838a70c9485f0cf222a825ad54fda7301c3
SHA512

f0e81c34eb8a6913524fc8e6bd8056738cb92500979cb116352d486bc29e370508a82b801379c10ea39378e1c8eead3224cec238f2319dc52a24938a45faa82e
SSDEEP

384:La6phxNiUpkQqBwENE5b1aZv6Lr52x3YpLWsHEWG:LRZiVFBwh1vLr52x3K4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06c91d9cd933bf378bea778fcd69a150_JaffaCakes118

Files

06c91d9cd933bf378bea778fcd69a150_JaffaCakes118
.exe windows:10 windows x86 arch:x86

d803ac76353a6224f2dbcd1858d16e25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

api-ms-win-core-heap-l1-2-0

HeapFree

api-ms-win-core-errorhandling-l1-1-1

GetLastError

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage

api-ms-win-core-sysinfo-l1-2-1

GetTickCount

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-console-l1-1-0

AllocConsole

api-ms-win-core-processthreads-l1-1-2

OpenProcess

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-console-l2-1-0

SetConsoleCP

api-ms-win-core-localization-l1-2-1

SetThreadPreferredUILanguages

api-ms-win-core-processenvironment-l1-2-0

GetStdHandle

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleA

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-kernel32-legacy-l1-1-1

GetStartupInfoA

api-ms-win-core-delayload-l1-1-1

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Sections

.MPRESS1
Size: 9KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d803ac76353a6224f2dbcd1858d16e25

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

api-ms-win-core-heap-l1-2-0

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-eventing-classicprovider-l1-1-0

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-synch-l1-2-0

api-ms-win-core-console-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-handle-l1-1-0

api-ms-win-core-console-l2-1-0

api-ms-win-core-localization-l1-2-1

api-ms-win-core-processenvironment-l1-2-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-kernel32-legacy-l1-1-1

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-apiquery-l1-1-0

Sections

.MPRESS1 Size: 9KB - Virtual size: 36KB

.MPRESS2 Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.MPRESS1
Size: 9KB - Virtual size: 36KB

.MPRESS2
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB