48c279aad4c8b6f932d4c4dc614594c8_JaffaCakes118

General

Target

48c279aad4c8b6f932d4c4dc614594c8_JaffaCakes118
Size

4.9MB
MD5

48c279aad4c8b6f932d4c4dc614594c8
SHA1

e6b233ea70da6f64dbb75423c58df98f852930de
SHA256

4bd3f50f8600caf5035bea9c0ad2331446c3cadbc8555351472241e087d36a75
SHA512

201c362b8bbe496d0e10a24590c2f1c5b7b41f2363795440f3f942f89d0cfe0e97ac6ebdb6329e15f7e3cba3e78fa1c50ca9a28874ec94bc20c94858233395a0
SSDEEP

98304:LMXcljEoqI33NK7u8d9uNi4RUSfDji8Kav6nKIlucZ/YffGgdqG:YoNKdfuNi4US/iXav6Buc/hgdf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48c279aad4c8b6f932d4c4dc614594c8_JaffaCakes118

Files

48c279aad4c8b6f932d4c4dc614594c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a13f235514fc02bf4b827e0ae08b9495

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
RtlUnwind
GetModuleHandleW
GetCurrentProcess
VirtualAlloc
TerminateProcess
WriteConsoleW
GetDriveTypeA
ResumeThread
FindResourceA
OpenMutexA
WaitForSingleObject
CreateMutexW
GetCommandLineW
lstrcmpA
GetLocaleInfoW
GetVersion
GetDriveTypeW
GetCommandLineA
GetCurrentDirectoryW
OpenEventW
GetConsoleMode
GetSystemTimeAsFileTime
OutputDebugStringW
MultiByteToWideChar
ExitProcess
GetProcessHeap
ClearCommError
WaitForMultipleObjects
GetWindowsDirectoryA
GetCurrentProcessId
GetCurrentThreadId

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 19.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a13f235514fc02bf4b827e0ae08b9495

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 1KB - Virtual size: 1KB

BSS Size: - Virtual size: 19.1MB

DATA Size: - Virtual size: 2KB

.textbss Size: - Virtual size: 3KB

DATA Size: - Virtual size: 2.9MB

.bss Size: 4.9MB - Virtual size: 4.9MB

.tls Size: - Virtual size: 28KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 19.1MB

DATA
Size: - Virtual size: 2KB

.textbss
Size: - Virtual size: 3KB

DATA
Size: - Virtual size: 2.9MB

.bss
Size: 4.9MB - Virtual size: 4.9MB

.tls
Size: - Virtual size: 28KB

.rsrc
Size: 17KB - Virtual size: 16KB