2a487db5f8a551cb5508074a7cd34bf5_JaffaCakes118

General

Target

2a487db5f8a551cb5508074a7cd34bf5_JaffaCakes118
Size

105KB
MD5

2a487db5f8a551cb5508074a7cd34bf5
SHA1

4e07c1aa9348875190a2a1a8c06d5caea9f70f55
SHA256

bd8d6f24158fc2e0565b39008b392e2661a5f4b2dc257cc0438d226e9b67a386
SHA512

7eea10551344caf285a308293507f3c87d2cbec4ae954887c8b4c0c6c9a437007df9dc567412297fd78afd82045b12d0ce9eaf4542e886d09519a692d0a0cc4d
SSDEEP

1536:kVKftDmZo29l0Jx9n9yPNCLG1LJKqtcbBL+SUUYrTnToIfAIODnxmRXwZvLdwzb5:kVOmtMYPmGhJKhNCSWjTBf2DnxmRgZL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a487db5f8a551cb5508074a7cd34bf5_JaffaCakes118

Files

2a487db5f8a551cb5508074a7cd34bf5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

106e1e003076e14febb388cc34c0d298

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GlobalAlloc
GlobalFree
GlobalMemoryStatus
LoadLibraryA
SetEvent
GetTickCount
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetLastError
GetCurrentProcessId
GetCurrentDirectoryA
ExitThread
ExitProcess
DeleteFileA
CreateThread
CreateMutexA
CreateFileA
CreateEventA
CopyFileA
CloseHandle
Sleep
FreeLibrary
GetSystemTimeAsFileTime
GetLocalTime
SystemTimeToFileTime
GetSystemTime
HeapCompact
GetModuleFileNameA
HeapDestroy
HeapFree
HeapCreate
HeapAlloc

msvcrt

calloc
malloc
_errno
printf
sqrt
strcpy
memcmp
isdigit
atoi
_gmtime64
_localtime64
_time64
strftime
strcat
memcpy
_snprintf
strncat
memmove
strstr
strlen
free
_except_handler3
memset
_tzset

user32

DrawTextA
GetDC

gdi32

SetBkMode
SetTextColor
CreateFontA
Ellipse
LineTo
MoveToEx
DeleteObject
Rectangle
CreateHatchBrush
SetDIBColorTable
SelectObject
CreateDIBSection
CreateCompatibleDC
GdiFlush

Sections

.text
Size: 71KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

106e1e003076e14febb388cc34c0d298

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Sections

.text Size: 71KB - Virtual size: 112KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 15KB

.tls Size: 1024B - Virtual size: 538B

.sxdata Size: 11KB - Virtual size: 32KB

.text
Size: 71KB - Virtual size: 112KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 15KB

.tls
Size: 1024B - Virtual size: 538B

.sxdata
Size: 11KB - Virtual size: 32KB