41570ffabb7677c9ceffe491ca19f092_JaffaCakes118

General

Target

41570ffabb7677c9ceffe491ca19f092_JaffaCakes118
Size

804KB
MD5

41570ffabb7677c9ceffe491ca19f092
SHA1

8d4e31c553f4008a0fa9c6852099290007d0a9c4
SHA256

d9e61db1380fb73525d469701a5f73709cc6cf68e91b284aa8c41afd0e04ccb7
SHA512

111f7bcf813a832d395cfa9a41095f6ffdb1dc011bf33342a57ed26f9e8cab852adeef53c7039b3985e934ea225c5e57bc0ae59a60a1b83faa2a9e80a00fc264
SSDEEP

12288:IQ1kYJ/E1ziup1t28HVoge6sfTcdb9va3ucm5HenfxAv4PSftR:STEZ6jjDcm5Aav4ER

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41570ffabb7677c9ceffe491ca19f092_JaffaCakes118

Files

41570ffabb7677c9ceffe491ca19f092_JaffaCakes118
.exe windows:4 windows x86 arch:x86

377b7ab406a3b09b60d3ae82b4c2ec64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetCommandLineA
GetLastError
DeleteFileA
CreateProcessA
GetCPInfo
SetLastError
CopyFileExW
Sleep
OpenFileMappingA
CopyFileA
CreateDirectoryA
DeleteAtom
CopyFileExA
FindAtomA
CopyFileExW
GetFileTime
SetLastError
GlobalFree
GetComputerNameA
GetCPInfo
ReadConsoleA
CreateProcessA
GetStdHandle
FindFirstFileA
DeleteFileW
GetFileTime
GetConsoleMode
ExitThread
GlobalFree
GetComputerNameA
DeleteAtom
FindAtomA
GetCPInfo
CreateProcessA
OpenFile
ReadFile
GetFileSize
SetLastError
CreateThread
GetLastError

Sections

CODE
Size: 712KB - Virtual size: 710KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ReLOc
Size: 4KB - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edata
Size: 24KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

377b7ab406a3b09b60d3ae82b4c2ec64

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 712KB - Virtual size: 710KB

DATA Size: 8KB - Virtual size: 5KB

.ReLOc Size: 4KB - Virtual size: 384B

edata Size: 24KB - Virtual size: 4.0MB

.bss Size: 4KB - Virtual size: 85B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 40KB - Virtual size: 36KB

CODE
Size: 712KB - Virtual size: 710KB

DATA
Size: 8KB - Virtual size: 5KB

.ReLOc
Size: 4KB - Virtual size: 384B

edata
Size: 24KB - Virtual size: 4.0MB

.bss
Size: 4KB - Virtual size: 85B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 40KB - Virtual size: 36KB