2246524a940683315e65f143ff97ee20_JaffaCakes118

General

Target

2246524a940683315e65f143ff97ee20_JaffaCakes118
Size

316KB
MD5

2246524a940683315e65f143ff97ee20
SHA1

e9696ec93f797a1ed69b3eb9fdfbd075023d1bee
SHA256

d91894e366bb1a8362f62c243b8d6e4055a465a7f59327089fa041fe8e65ce30
SHA512

a1b35a30b8846c96b92a57c022232528359bb386a194042224e3f30e9e51645fae35fb8f0ce24497b699249e50d000c234d64eb74bc51b50000f50946ad12805
SSDEEP

3072:cmNgylNLOUpVrwRDeMaFb9I2PklUpsU3BJF928uK8YPhUKNU72/NzToB:c6sRafKUpsU3f2vdY5UKayl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2246524a940683315e65f143ff97ee20_JaffaCakes118

Files

2246524a940683315e65f143ff97ee20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

863a34cd9f24dcd5055cfac558ecc1c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileA
SetFileAttributesA
GetFileAttributesA
FindFirstFileA
GetModuleFileNameA
GetTempFileNameA
GetTempPathA
CloseHandle
FreeLibrary
WriteFile
CreateFileA
LoadLibraryExA
CreateProcessA
SetFilePointer
GetLocalTime
ExitProcess
ResumeThread
GetLastError
lstrcatA
GetShortPathNameA
GetEnvironmentVariableA
GetComputerNameA
LocalFree
GetCommandLineW
SizeofResource
LockResource
LoadResource
FindResourceA
HeapFree
HeapAlloc
GetStringTypeW
GetStringTypeA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
FlushFileBuffers

shell32

CommandLineToArgvW

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

863a34cd9f24dcd5055cfac558ecc1c2

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 272KB - Virtual size: 270KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 272KB - Virtual size: 270KB