6a1cddbd8f8ad1d7259216e095c94c3b_JaffaCakes118

General

Target

6a1cddbd8f8ad1d7259216e095c94c3b_JaffaCakes118
Size

301KB
MD5

6a1cddbd8f8ad1d7259216e095c94c3b
SHA1

6e280f8446f51ca05d95bb258d833608a52ac644
SHA256

ca8b9d46d3402017826b9aa0ae9c5dad69d156f23ad4cfc2b8db6b3d974f3d97
SHA512

5e2c00cf5775816340809d7fa88af1fb43ff7d2dcecf4a523c2ca05154d714f4e8d9121d2bfa31321d622ed4aefd45eb685914a887ca3c5b396be797a0230bc5
SSDEEP

6144:5aj3A5G0ZBqDLh4DUktcVbC7xF7rjZSGriXqyMPQi/XDrhi87f76Q2lCZZ:gbCG0XsLsUk8kxjZXrGMPQi/Xvc6rZZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a1cddbd8f8ad1d7259216e095c94c3b_JaffaCakes118

Files

6a1cddbd8f8ad1d7259216e095c94c3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee4f2fb790b499be85a8f0ace9ad2633

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetLastError
GetComputerNameA
WideCharToMultiByte
VirtualProtect
GetModuleHandleA
GetStartupInfoA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

rpcrt4

NdrClientCall2
RpcBindingFree
RpcBindingSetAuthInfoA
RpcNetworkIsProtseqValidA
RpcEpResolveBinding
RpcBindingFromStringBindingA

msvcrt

_except_handler3
getenv
strncpy
free
malloc
_adjust_fdiv
time
strchr
_strnicmp
localtime
__dllonexit
_onexit
_exit
sprintf
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_controlfp
difftime
clock
ctime
asctime
_stricmp
_XcptFilter

msvcp60

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 290KB - Virtual size: 579KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee4f2fb790b499be85a8f0ace9ad2633

Headers

File Characteristics

Imports

kernel32

advapi32

rpcrt4

msvcrt

msvcp60

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 290KB - Virtual size: 579KB

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 290KB - Virtual size: 579KB

.rsrc
Size: 4KB - Virtual size: 8KB