09a98edde415e399099e3914111a6dc6_JaffaCakes118

General

Target

09a98edde415e399099e3914111a6dc6_JaffaCakes118
Size

170KB
MD5

09a98edde415e399099e3914111a6dc6
SHA1

b5c7fde69aab25dbd8fb17d7053bcf482a1042ae
SHA256

450cfb29939c082b588e63fcb0ade4ab84d3e250b45f9c2d44bc0390ca37ba0f
SHA512

416c4190ef66b3bd2f11cef85f872c1a6b5610916abc4cff6a9081819b5e9ec3d9db41a906b7e863392628f9262e4a62f2b9b9ea0765483b870f7248b2d0c2db
SSDEEP

3072:pxleRZsqIzV1JSb2zDli0AWFo+5k8iJDfBxhagiOhA1sPkXgWWmYIU3XgaUB:3kfI5rSb2vkW5o/hP3C1s8wZmHIXgJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09a98edde415e399099e3914111a6dc6_JaffaCakes118

Files

09a98edde415e399099e3914111a6dc6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ae72e39b6eeeab4aa7bc265395989b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocaleInfoW
UnhandledExceptionFilter
CloseHandle
IsDebuggerPresent
HeapSize
HeapFree
GetThreadPriority
IsValidCodePage
MultiByteToWideChar
GetUserDefaultLCID
EnterCriticalSection
SetupComm
LeaveCriticalSection
TerminateProcess
GetCurrentDirectoryW
IsValidLocale
DeleteCriticalSection
InterlockedIncrement
RaiseException
CreateFileA
WriteConsoleW
GetModuleHandleA
SetStdHandle
GetLastError
LCMapStringW
GetVersionExA
GlobalAlloc
GetCPInfo
InitializeCriticalSection
EnumResourceNamesA
EnumSystemLocalesA
GetModuleFileNameW
Sleep
HeapReAlloc
WideCharToMultiByte
GetFullPathNameW
ExitProcess
SetEndOfFile
LCMapStringA
GetCurrentThreadId
HeapAlloc
ReadFile
WriteFile
RtlUnwind
WriteConsoleA
InterlockedDecrement
GetCurrentProcess
GetConsoleOutputCP
GetProcessHeap
GetCommandLineA
ExitProcess
SetUnhandledExceptionFilter
GetProcAddress
GetFullPathNameA

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

rpcrt4

UuidCreate

user32

GetAncestor
MessageBoxW

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ae72e39b6eeeab4aa7bc265395989b9

Headers

File Characteristics

Imports

kernel32

shell32

rpcrt4

user32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 19KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 19KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 72KB