0ecfa580833198cc51c77b06951b2bb4_JaffaCakes118

General

Target

0ecfa580833198cc51c77b06951b2bb4_JaffaCakes118
Size

65KB
MD5

0ecfa580833198cc51c77b06951b2bb4
SHA1

a341e67539a268fa2179df2e5e237d3f1461852a
SHA256

0c2e566d0f80e14df92b1ace30ea66bbb609f22f18e531a8b6b01fc40c054487
SHA512

6deb9c22f312975e24355d8c86ba8d29e1d7d0c9e0e81f6771a6c46087bd6347a959f6a82d2e451710878ade80f45b2c3bd95a3ebba37cf03fed92f23c4ed6c7
SSDEEP

1536:mO+OLrPAtQKdHFibkP/USALrx8q6lBk0nfNe:yAYBdZsSIx3iNnfNe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ecfa580833198cc51c77b06951b2bb4_JaffaCakes118

Files

0ecfa580833198cc51c77b06951b2bb4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bc2b6a8ebcfda73ddb006eaf80b77962

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
ExpandEnvironmentStringsA
WaitForSingleObject
GetProcAddress
LoadLibraryA
LocalAlloc
GetModuleHandleA
CreateMutexA
LocalFree
GetLocaleInfoA
GetVersionExA
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
HeapCreate
GetModuleHandleW
WriteFile
GetStdHandle
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
RtlUnwind
IsProcessorFeaturePresent
MultiByteToWideChar
ReadFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CloseHandle
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
LoadLibraryW
CreateFileA
SetStdHandle
WriteConsoleW
FlushFileBuffers
LCMapStringW
GetStringTypeW
HeapReAlloc
HeapSize
SetEndOfFile
GetProcessHeap
CreateFileW

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc2b6a8ebcfda73ddb006eaf80b77962

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 12KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 12KB