1a518a5001dc97e012da16b855009be2_JaffaCakes118

General

Target

1a518a5001dc97e012da16b855009be2_JaffaCakes118
Size

287KB
MD5

1a518a5001dc97e012da16b855009be2
SHA1

eee2d748771d880db10ad371e20b409df4e9f0ca
SHA256

6109a16461d7cecb595754574d5904a4e28972328c3385322bf80b6f4248579c
SHA512

5a21dd92ef8e8f971620f60a42a3e20a3a5ac8d47626570965ea88c0196ba1dd03c154b8de9790411cdfbcd0e1aa7c661af564c90dd37d6cc5545ba3aff11614
SSDEEP

3072:ncIemxkqerPtjK5DqmkJ8HsZCNgoDfvzGKyU5ZzEVR11BreocQ1FX5G2VOSAw5PK:cJm8Bjp0sZCbGKTnA77BreoB1Fp6SAw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a518a5001dc97e012da16b855009be2_JaffaCakes118

Files

1a518a5001dc97e012da16b855009be2_JaffaCakes118
.exe windows:1 windows x86 arch:x86

9dcd3383ff048cfeddfa0cf8a2ba7d4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetModuleHandleW
LocalFree
TerminateProcess
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetCurrentThreadId
GetModuleFileNameA
GetStartupInfoW
LocalFree
InterlockedDecrement
GetACP
DeleteCriticalSection
GetModuleHandleA
InterlockedDecrement
GetModuleFileNameA
CreateFileW
lstrlenW
MultiByteToWideChar
GetCommandLineW
InterlockedDecrement
HeapFree
TerminateProcess
lstrcmpiW
ExitProcess
DeleteCriticalSection
lstrlenW
GetSystemTimeAsFileTime
LoadLibraryW
GetCommandLineW
SetLastError
SetEvent
LoadLibraryW
VirtualAlloc
FreeLibrary
VirtualFree
VirtualAlloc
Sleep
FreeLibrary
ExitProcess
GetVersionExA
SetEvent
HeapReAlloc
GetLastError

Sections

.text
Size: 280KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9dcd3383ff048cfeddfa0cf8a2ba7d4d

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 280KB - Virtual size: 460KB

.idata Size: 1KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 280KB - Virtual size: 460KB

.idata
Size: 1KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 4KB