242086de76ac36361b56b5906fe123cd_JaffaCakes118

General

Target

242086de76ac36361b56b5906fe123cd_JaffaCakes118
Size

277KB
MD5

242086de76ac36361b56b5906fe123cd
SHA1

94afaa3e7363c291c715a1d3b18ce5dd4d54c7fb
SHA256

c37872d5e8d027ffbeb88216b3596370435e3e7af22b1d3651288597e05e1a2f
SHA512

7f5ec338441e66fe0f1412c9d28517ed150ce06e9d4ffe862b2b33517bdeb9de735b2cd76d2196ae7cfad755b6f3d78ea67a380f0fee9980d25ac44647574d30
SSDEEP

6144:OeiFz9NA9asBRPjPjcHuCBl4IXi4G4sFO8K6VmKx3s5:OeiFz09asB1jcmmII

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
242086de76ac36361b56b5906fe123cd_JaffaCakes118

Files

242086de76ac36361b56b5906fe123cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

279126a2ea1549dd17d57bacde0b89eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
GetLastError
CloseHandle
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DebugBreak
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
GetModuleHandleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
FlushFileBuffers
IsBadWritePtr
IsBadReadPtr
HeapValidate
SetStdHandle
SetConsoleCtrlHandler
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
SetUnhandledExceptionFilter
IsBadCodePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
CreateFileA
WriteConsoleA

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

merlbll
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

279126a2ea1549dd17d57bacde0b89eb

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 14KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 36KB - Virtual size: 36KB

merlbll Size: 33KB - Virtual size: 33KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 14KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 36KB - Virtual size: 36KB

merlbll
Size: 33KB - Virtual size: 33KB