1c3c9c007446d391ad62fd7de4948f67_JaffaCakes118

General

Target

1c3c9c007446d391ad62fd7de4948f67_JaffaCakes118
Size

147KB
MD5

1c3c9c007446d391ad62fd7de4948f67
SHA1

e850377466f079508fdc86bb6a4ca47cc9fe42a2
SHA256

79d2662d9c9cc4c1818e0d0e48d89b33e0e1155582fc0258f1b97d2edbc279e2
SHA512

b88490e8cbfdf8255925e08e4e217269283dff92de803fe5de1972ebb6dba50989224eb2bab9e2935d18e284177400e1ecc349982b23e2bef605c5b3fd1771f8
SSDEEP

3072:SV7K8VRSR/nbOk6Y8yWJjGpoZLyg7uAo6GGfIXAG1ukFDCR/cvuSZaf:vR/nbOkN8JjGpofuhFGfIQG1lFUoi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c3c9c007446d391ad62fd7de4948f67_JaffaCakes118

Files

1c3c9c007446d391ad62fd7de4948f67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40da98acabe1f1aa1c3f10ae92b0f5e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_ismbcsymbol
_wsearchenv
_CIsin
_timezone
_ismbbkalnum
_fcloseall
_mbsdup
_atodbl
abort

kernel32

GetModuleHandleA
HeapAlloc
GetCurrentProcess
VirtualFree
EnumSystemLocalesA
VirtualAlloc
GetProcessHeap
GetCommandLineA
GetCommConfig
ExitProcess

version

GetFileVersionInfoSizeW
VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoA
VerFindFileW

user32

CharLowerBuffW

advapi32

CreateProcessAsUserW
RegQueryValueExA
GetEffectiveRightsFromAclW
GetMultipleTrusteeOperationA
MapGenericMask
GetPrivateObjectSecurity

gdi32

GetCharWidthA
GetClipBox
GdiSetBatchLimit
AnimatePalette
GdiSetLastError
SetROP2
EnumFontFamiliesA
RestoreDC
CreateDIBPatternBrush
CreateRectRgn

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 54KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 54KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40da98acabe1f1aa1c3f10ae92b0f5e0

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

version

user32

advapi32

gdi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 7KB - Virtual size: 19KB

.rdata Size: 54KB - Virtual size: 389KB

.idata Size: 54KB - Virtual size: 58KB

.rsrc Size: 26KB - Virtual size: 25KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 7KB - Virtual size: 19KB

.rdata
Size: 54KB - Virtual size: 389KB

.idata
Size: 54KB - Virtual size: 58KB

.rsrc
Size: 26KB - Virtual size: 25KB