5be1947bdbf84fe69aeb840613f98ad5_JaffaCakes118

General

Target

5be1947bdbf84fe69aeb840613f98ad5_JaffaCakes118
Size

10KB
MD5

5be1947bdbf84fe69aeb840613f98ad5
SHA1

a33622f2fb0a11418b3b93e78bc29a948503d8df
SHA256

018b4f468be00231b82cf5dc156a921a3eb00e42f6e7df69bc008239137e504c
SHA512

859e85ca3d261dd40efba3b32b314dd0e43132bc6529a3ee3d96d550f3ceabcdaa4f924fbcd9f29843b6ca2da126e0fe7e39c6ce9f0bba954463f5fa95d7e9fa
SSDEEP

192:jYkX8MJmRCyf7AScniCLz9aSzruVQG6kOlI2rNWKK:jPXJmRCQsVniGz9aSHuVMI2BO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5be1947bdbf84fe69aeb840613f98ad5_JaffaCakes118

Files

5be1947bdbf84fe69aeb840613f98ad5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3d919df9e990a1300047fa7519df8529

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\crediar\Documents\Visual Studio Codename Orcas\Projects\IOSKPatch\Release\IOSKPatch.pdb

Imports

msvcr100

_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_crt_debugger_hook
_initterm_e
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_invoke_watson
_controlfp_s
_initterm
__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
fclose
fseek
ftell
fwrite
fread
fopen
?terminate@@YAXXZ
printf

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EncodePointer
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d919df9e990a1300047fa7519df8529

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr100

kernel32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1024B - Virtual size: 574B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1024B - Virtual size: 574B