Static task
static1
Behavioral task
behavioral1
Sample
615dbb997c8fd3d9bae6702a604cf761_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
615dbb997c8fd3d9bae6702a604cf761_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
615dbb997c8fd3d9bae6702a604cf761_JaffaCakes118
Size
410KB
MD5
615dbb997c8fd3d9bae6702a604cf761
SHA1
4222b27876dc583bbc394e1fc432e6b5c8d4c59a
SHA256
0f5291c2f222ef87381c937b3012201b744f6da9de9cb76d8911e5f195aaf826
SHA512
45b0bcb85bfbccb1b7fdf37ac6c73fe1cb3d4a1056ed36239b26b500a442f04768a24e9b2f9b272652d30d92b7cfbc1b0ebc928920e895fbf6ac212ea510a119
SSDEEP
12288:afsbfB5kPG5r7ElRYj5Kp1g95f3xSS1rCbWW5:zbp+PGFQlRYe+Tf3n1ih
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 615dbb997c8fd3d9bae6702a604cf761_JaffaCakes118
Files
615dbb997c8fd3d9bae6702a604cf761_JaffaCakes118.exe windows:4 windows x86 arch:x86
d0d57bcba21035f13f3879f5d3765288
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetOEMCP
GetVersionExA
HeapDestroy
TlsAlloc
GetProcAddress
HeapSize
HeapReAlloc
TlsGetValue
OutputDebugStringA
GetLocaleInfoA
GetCurrentProcessId
UnhandledExceptionFilter
GetFileTime
GetACP
VirtualFree
GetModuleHandleA
InitializeCriticalSection
GetCompressedFileSizeW
VirtualProtect
LeaveCriticalSection
GetCurrentThread
WriteFile
WaitForMultipleObjects
GetStringTypeW
IsValidCodePage
InterlockedExchangeAdd
GetFileType
GetCurrentDirectoryA
lstrcmpiW
ExitProcess
GetTickCount
ReadConsoleA
TlsSetValue
HeapFree
EnterCriticalSection
GetModuleFileNameA
GetStdHandle
LoadLibraryA
QueryPerformanceCounter
DeleteCriticalSection
VirtualAlloc
CreateFileMappingA
GetCurrencyFormatW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
EnumSystemLocalesA
GetCPInfo
GetEnvironmentStrings
SetEnvironmentVariableA
WideCharToMultiByte
HeapCreate
CompareStringA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
ReadConsoleOutputCharacterA
SetEvent
FreeEnvironmentStringsW
GetCommandLineA
CopyFileA
SetLastError
IsValidLocale
GetStringTypeA
lstrlenA
GetDateFormatA
SetHandleCount
FileTimeToDosDateTime
GetUserDefaultLCID
TlsFree
GetEnvironmentStringsW
GetFullPathNameA
InterlockedExchange
GetLocaleInfoW
GetLastError
CompareStringW
LCMapStringA
GetStartupInfoA
GetTimeZoneInformation
IsBadWritePtr
GetTimeFormatA
HeapAlloc
MultiByteToWideChar
WritePrivateProfileSectionW
LCMapStringW
GetSystemInfo
advapi32
LookupAccountSidW
CryptHashSessionKey
ReportEventW
RegOpenKeyExA
RegEnumValueW
RegDeleteKeyA
DuplicateToken
Sections
.text Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 270KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ