2ecb1c42aacb257414d6449f3bf000e3_JaffaCakes118

General

Target

2ecb1c42aacb257414d6449f3bf000e3_JaffaCakes118
Size

116KB
MD5

2ecb1c42aacb257414d6449f3bf000e3
SHA1

0e6d8d86d728e5e63eaa15249dc409936c56f887
SHA256

5016c1600872fffb7c288293a699cbd9f9c8db9fad1e289ca5b78d32ca7cbc28
SHA512

8baf60fc5a67b06d150c25d0f33f6171f15901d5a0ffb5995be7cc4586f4a2c39473f17aa1dcf2d4fdb874651c4fea6860fec9c7cd35dc82dd14e9400455756f
SSDEEP

3072:3mrMlMPAFKQKtYRF5D2BWUPYwEjUlGv3RV:3CwM+iYRjB0a3RV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ecb1c42aacb257414d6449f3bf000e3_JaffaCakes118

Files

2ecb1c42aacb257414d6449f3bf000e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61962fad8c8071530bc680d854b55249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineW
GetProcAddress
OutputDebugStringA
LoadLibraryA
FreeLibrary
GetLastError
CloseHandle
HeapFree
CreateFileA
HeapAlloc
GetProcessHeap
SetLastError
LocalFree
FormatMessageA
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
VirtualAlloc
FlushFileBuffers
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GlobalFree
GetCommandLineA
GetVersion
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
LCMapStringA
GetStdHandle
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile

user32

MessageBoxA

shell32

CommandLineToArgvW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61962fad8c8071530bc680d854b55249

Headers

File Characteristics

Imports

kernel32

user32

shell32

setupapi

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 76KB - Virtual size: 76KB