1567aef89342aed7d450fee5fe430c64_JaffaCakes118

General

Target

1567aef89342aed7d450fee5fe430c64_JaffaCakes118
Size

80KB
MD5

1567aef89342aed7d450fee5fe430c64
SHA1

16376d54cc1f7893f4f2665ac8e026c099a35dac
SHA256

45d6201ed47d8bad402ffbcfdac9c772ef83b6ce6362f16326f39d5c347ab99b
SHA512

c3c628a3c303a7e19612326173be22ddd36b471f38a379d9b20207147f9c30e6cebd40c99b1910ba6748dfe557a1737e346cd4064a4d5ba3cdb1ad39508121fd
SSDEEP

1536:LUKfVw1ED1CHrBJVWiBY4K9l/PiNv9jfWXJBVRaTsuFCqaCwnxD:LfVW9j4l/iv9QjqaCwxD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1567aef89342aed7d450fee5fe430c64_JaffaCakes118

Files

1567aef89342aed7d450fee5fe430c64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ed3114be716e2f5901efd9fa2e37501

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetProcAddress
LoadLibraryExA
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
HeapReAlloc
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetLocaleInfoA
GetACP
GetOEMCP
LoadLibraryA
VirtualProtect
GetSystemInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ed3114be716e2f5901efd9fa2e37501

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 2KB - Virtual size: 92KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 2KB - Virtual size: 92KB