a0edcf1f6d3dac996ca1eb09bd7a0d87_JaffaCakes118

General

Target

a0edcf1f6d3dac996ca1eb09bd7a0d87_JaffaCakes118
Size

352KB
MD5

a0edcf1f6d3dac996ca1eb09bd7a0d87
SHA1

a436b32c9218281767a291a5b0fab164b49b24e6
SHA256

612a87e3d0a3009decaea23c246d86fa6f6f9fc116595ea09636be24728362de
SHA512

a26f9ec662feb6d033e69b897d2112078fd00b9a474ab68fa5746c64d89874b3ce572f78eedf5f326db70ef550f6bd48a0430dc683aa3ed7319d447a9622b114
SSDEEP

3072:vb0MOG8XpvwR8q9hZLB9A3NxXU539CEyT6k6GHCLyKRrpBBnMVXl0o:zOG8Xpvo9hJQ453pfk6GHCLyKRr3ild

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0edcf1f6d3dac996ca1eb09bd7a0d87_JaffaCakes118

Files

a0edcf1f6d3dac996ca1eb09bd7a0d87_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c4007e9d2fbf6bac41fffee7f6d02cc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WaitForMultipleObjects
WriteConsoleW
lstrcatW
lstrcmpW
GetLastError
lstrlenA
lstrlenW
GetCommandLineA
LoadLibraryW
GlobalAlloc
LoadLibraryA
HeapAlloc
GetProcessHeap
GetVersion
GetModuleHandleW
GetStartupInfoA
CreateFileA
VirtualAlloc
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
FormatMessageW
CreateThread
lstrcmpiW
CloseHandle

user32

LoadIconA
GetParent
GetMenu
LoadBitmapW
LoadIconW
LoadStringW
GetDC
EnableMenuItem

gdi32

GdiFlush
SaveDC
CreateCompatibleDC
SelectObject

advapi32

RegQueryValueExW
RegOpenKeyA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

shlwapi

UrlCreateFromPathW

winmm

timeGetTime

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4007e9d2fbf6bac41fffee7f6d02cc8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

winmm

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 209KB - Virtual size: 209KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 209KB - Virtual size: 209KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB