0e148085211af07ecd7bffc2ab494ca5_JaffaCakes118

General

Target

0e148085211af07ecd7bffc2ab494ca5_JaffaCakes118
Size

41KB
MD5

0e148085211af07ecd7bffc2ab494ca5
SHA1

a5256ad04039f3671e740a2321b606b6f4af9694
SHA256

81691e76d0fe7522db8c19bdf43f7fda27c0e247dad75e19104b899a23c63679
SHA512

33c53ddc0b23d40f6da3fc1b23d192028f59535fed7277b18674fcd6ad52f780800520c0c8c488fc60f9ea8aeacc58555c7a235de0f1156a1f40e302352b86f9
SSDEEP

768:dT5DUOnO9RS5qtYngI8te10VkQODxBTP5tSbWvgtAxmha5:HoOkVtYnHSe6hODxBSyg3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e148085211af07ecd7bffc2ab494ca5_JaffaCakes118

Files

0e148085211af07ecd7bffc2ab494ca5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03d987039342b3b6b6941813307c35be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xlen@std@@YAXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcrt

free
__CxxFrameHandler
??2@YAPAXI@Z
wcscmp

kernel32

GetSystemTime
GetModuleFileNameA
Sleep
LoadResource
LockResource
SizeofResource
GetWindowsDirectoryA
CreateFileA
WriteFile
CloseHandle
TerminateProcess
OpenProcess
Process32NextW
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
GetTempPathA
ExitProcess
SetFileAttributesA
WinExec

user32

wsprintfA

netapi32

Netbios

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 768B - Virtual size: 641B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03d987039342b3b6b6941813307c35be

Headers

File Characteristics

Imports

msvcp60

msvcrt

kernel32

user32

netapi32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 768B - Virtual size: 641B

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 768B - Virtual size: 641B

.rsrc
Size: 34KB - Virtual size: 34KB