6457f2724a54fe67117726c70166d347_JaffaCakes118

General

Target

6457f2724a54fe67117726c70166d347_JaffaCakes118
Size

352KB
MD5

6457f2724a54fe67117726c70166d347
SHA1

0dbf3ad4c18159f422c91fbbb1a29c9dad753bab
SHA256

b57c28344c70dee630cfd62e95114dae9074b0122a5a45e208561dff261df5f5
SHA512

c8e90fab1f4a5f656b6505c865fd7f0573de619a87677c50ff3ddf5be3a99d705c038740c76d764d02bcc2d2f54a58b3ed0b3b80f4aefb3d8f012f45df248e16
SSDEEP

6144:fwfiHt0H92sdS6wleYRHQjcjNBZpdMbBedPFcZTEIoBb9oDcQm5ysLT7szP/KM9R:fwfiH2d2sdsUY9QjmNZdMVedPFcZTEIh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6457f2724a54fe67117726c70166d347_JaffaCakes118

Files

6457f2724a54fe67117726c70166d347_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2328e9129448579f5a717d1a73f0c2a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
SetErrorMode
SetConsoleCtrlHandler
SetLastError
GetCommandLineA
RaiseException
GetFileType
GetStdHandle
GetLastError
VirtualAlloc
VirtualFree
GetVersionExA
CloseHandle
FormatMessageA
DebugBreak
FreeLibrary
GetCurrentThread
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetModuleFileNameA
VirtualQuery
MapViewOfFile
CreateFileMappingA
CreateFileA
GetModuleHandleA
ReadFile
SetEndOfFile
SetFilePointer
GetTempFileNameA
GetTempPathA
GetFullPathNameA
GetFileInformationByHandle
Sleep
WriteFile
DeleteFileA
WaitForSingleObject
SetThreadPriority
CreateProcessA
Beep
GetLocalTime
SetLocalTime
FlushFileBuffers
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetFileAttributesA
IsBadWritePtr
GetCPInfo
GetOEMCP
WriteConsoleA
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringA
CompareStringW
GetExitCodeProcess
SetStdHandle

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2328e9129448579f5a717d1a73f0c2a3

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 292KB - Virtual size: 288KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 36KB - Virtual size: 566KB

.trace Size: 4KB - Virtual size: 2KB

.text
Size: 292KB - Virtual size: 288KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 36KB - Virtual size: 566KB

.trace
Size: 4KB - Virtual size: 2KB