06f6944c995e494c3517ee1ffb18617e_JaffaCakes118

General

Target

06f6944c995e494c3517ee1ffb18617e_JaffaCakes118
Size

293KB
MD5

06f6944c995e494c3517ee1ffb18617e
SHA1

bb2caf0dafebd6e197cc56dc804384374daa8d98
SHA256

63ce5459d4bdcee864262063f97161de0ae417331b8776b31be561a970f5e931
SHA512

69f7448a0c07a038ac8d9ea5e3a298cb24f9d0076893d0e56c1a9c91f204319ed29f391e31a0cf910f8250ef199c39fc165670cb83e8a59710221dbcdcaac50b
SSDEEP

6144:fGx77WFCXvnqr/Gc364q9SgfV/LfG0qLrCMYvBDjQPMgggO0ja7TOR:fGx77WFCfq7E9S4V/LfeLTYvBDUkReaq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06f6944c995e494c3517ee1ffb18617e_JaffaCakes118

Files

06f6944c995e494c3517ee1ffb18617e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eb31fee849948d344bfe2c5f97d03b4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
FindNextFileA
GetLastError
GetLogicalDriveStringsA
FindFirstFileA
HeapCreate
HeapAlloc
GlobalAlloc
GetProcessHeap
GetTickCount
HeapFree
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
IsProcessorFeaturePresent

user32

GetMessageA
RegisterClassExA
SendDlgItemMessageA
LoadStringA
LoadIconA
EnumWindows
TranslateMessage
MessageBoxA
UnregisterClassA
TranslateAcceleratorA
DefWindowProcA
GetDesktopWindow
LoadAcceleratorsA
ShowWindow
DispatchMessageA
UpdateWindow
LoadCursorA

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb31fee849948d344bfe2c5f97d03b4e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 254KB - Virtual size: 257KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 254KB - Virtual size: 257KB

.rsrc
Size: 10KB - Virtual size: 10KB