3e4da58a979b75787f5dc5ae947fe967_JaffaCakes118

General

Target

3e4da58a979b75787f5dc5ae947fe967_JaffaCakes118
Size

564KB
MD5

3e4da58a979b75787f5dc5ae947fe967
SHA1

91ce3555c32dd9a4790c6d373c11a0c2b2254f30
SHA256

459c45a4fa304ca6cb89aed5d7092c37700afcb5314e9079fbc6acb10e2fe6fd
SHA512

fbf76018cd21d1007829782306eaf1a1ead78a79ba5b689da32936611539c11c578aa45feaf9527368682af85ac83289d687289b9e4a285a74deec43ee04c781
SSDEEP

12288:QDMgDPlRfb6qiLOzQrcPnMXL7xRs/MCP7/vs2Kypqt5W5nM:QDMMRfbHzQ0nMhoMCPjjzoWp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e4da58a979b75787f5dc5ae947fe967_JaffaCakes118

Files

3e4da58a979b75787f5dc5ae947fe967_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44cc3d20d242657415174d8257362bdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetCurrentThreadId
TlsSetValue
GetFileType
IsDebuggerPresent
VirtualQuery
LocalFree
SetFileAttributesA
GetACP
FindNextFileA
CloseHandle
ReadFile
GetProcAddress
GetCurrentDirectoryA
CreateDirectoryA
GetLocaleInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetModuleFileNameA
GetVersionExA
FlushFileBuffers
HeapDestroy
GetFileAttributesA
GetSystemInfo
HeapAlloc
VirtualAlloc
ExitProcess
lstrlenA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InterlockedDecrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44cc3d20d242657415174d8257362bdc

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 512KB - Virtual size: 512KB

.rsrc Size: 4KB - Virtual size: 656B

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 512KB - Virtual size: 512KB

.rsrc
Size: 4KB - Virtual size: 656B