616dabe2427c6b1c1eba20c8de4e8e69_JaffaCakes118

General

Target

616dabe2427c6b1c1eba20c8de4e8e69_JaffaCakes118
Size

144KB
MD5

616dabe2427c6b1c1eba20c8de4e8e69
SHA1

84768b04f37f7548336647593fe6b67e1cb7f345
SHA256

1677190cd88f8a63cca7d2f20629d972a3ce07f4f8c11921654a4a8e16b91996
SHA512

48ec0450472258162bd37fb31028e77c988a2212163c9ff287a88eed615684e4e4b52ae7824c72ad8ecd533bd002c08083e252f8cbfeed7d24ec6e1dfc457108
SSDEEP

3072:GvGudfGrIffE8YtJI5po41rJuCUHmt3acdrkGvYNQ:wGKfGrIfL97rJuCUGt3aJkg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
616dabe2427c6b1c1eba20c8de4e8e69_JaffaCakes118

Files

616dabe2427c6b1c1eba20c8de4e8e69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0dcd07279a1f2e539548a27d6ae30c30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCtrlHandler
FileTimeToLocalFileTime
GetVersionExA
GetConsoleMode
SetConsoleMode
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
AreFileApisANSI
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
CloseHandle
SetFileTime
CreateFileW
SetLastError
SetFileAttributesA
RemoveDirectoryA
MoveFileA
SetFileAttributesW
RemoveDirectoryW
MoveFileW
CreateDirectoryA
CreateDirectoryW
GetLastError
DeleteFileA
DeleteFileW
lstrlenA
GetFullPathNameA
GetFullPathNameW
FindClose
FindFirstFileA
FindFirstFileW
CreateFileA
GetFileSize
SetFilePointer
ReadFile
WriteFile
SetEndOfFile
FileTimeToSystemTime
MultiByteToWideChar
WideCharToMultiByte
WaitForMultipleObjects
VirtualAlloc
VirtualFree
WaitForSingleObject
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
GetCommandLineW
SetFileApisToOEM

user32

CharUpperW
CharNextA
CharUpperA

oleaut32

VariantClear
SysFreeString
SysAllocString

msvcrt

fclose
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
?terminate@@YAXXZ
_onexit
__CxxFrameHandler
_CxxThrowException
_purecall
memmove
memcmp
memcpy
malloc
free
_iob
_controlfp
fgetc
fflush
fputs
fputc
memset
_rotr
_beginthreadex
_except_handler3
??1type_info@@UAE@XZ
__dllonexit

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dcd07279a1f2e539548a27d6ae30c30

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

msvcrt

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 21KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 21KB

.rsrc
Size: 2KB - Virtual size: 2KB