0e2fe7b334195210a77f1a3c27ffd091_JaffaCakes118

General

Target

0e2fe7b334195210a77f1a3c27ffd091_JaffaCakes118
Size

112KB
MD5

0e2fe7b334195210a77f1a3c27ffd091
SHA1

f0623a6531d5a27963fb9226f6b20e76279b715e
SHA256

40da834512d7055ea7cffe52093cf9771a66694ed2758d572893663ed4ca5892
SHA512

989b7ccde009e21e5b0db966e3a892e7d452925a3044eb2966783d7ad898cc6b5434b79b2a6aa6f4e3695572c27721489a9572c53212c2b8f93150c4ca6a9ba4
SSDEEP

1536:83rAq7Mvggf6nqx/5/wwc8lsJPUXNPN06HRk5YsyKKM110GxqKSkRuW3I:i/kggSoB/a8uyNl00IYXKKa10fp6uW3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e2fe7b334195210a77f1a3c27ffd091_JaffaCakes118

Files

0e2fe7b334195210a77f1a3c27ffd091_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14e21b1a6959ab6e0cc3d725e875593c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
lstrlenA
OpenProcess
GetCurrentProcess
lstrcmpiA
TerminateProcess
LoadLibraryA
GetProcAddress
WideCharToMultiByte
GetVersionExA
HeapDestroy
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetOEMCP
HeapAlloc
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
MultiByteToWideChar
VirtualAlloc
HeapReAlloc
GetStringTypeA
LCMapStringA
LCMapStringW
GetStringTypeW

user32

ExitWindowsEx

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14e21b1a6959ab6e0cc3d725e875593c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 960B

.trdata Size: 72KB - Virtual size: 72KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 960B

.trdata
Size: 72KB - Virtual size: 72KB