6a3024c85147597b52fb713c2750f692_JaffaCakes118

General

Target

6a3024c85147597b52fb713c2750f692_JaffaCakes118
Size

140KB
MD5

6a3024c85147597b52fb713c2750f692
SHA1

3db67b869856e68fac6f939b1c14c75af4d1c11c
SHA256

5b3fad0273b72081732b3638e8262c3c2106806c06796a50ddeefd548e8c9d70
SHA512

a293cfb898e8de2e07e9c59583611baa6c06eabc131b537f867febc602ff385ba2f4d2afcb7f9a1c8b85d529b3f2b3dfa858366348fe7b1cb1ff5f2d8f595bc0
SSDEEP

3072:V/S9VBbpX+JDZTqNmLudpkDNzDUfO4khT7AA87:1S9X4JDZ2mku5Hp4UI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a3024c85147597b52fb713c2750f692_JaffaCakes118

Files

6a3024c85147597b52fb713c2750f692_JaffaCakes118
.exe windows:4 windows x86 arch:x86

071ff622332d356b744e3cefa1d37963

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetStdHandle
GlobalAddAtomA
GetTickCount
LoadLibraryA
GetStringTypeA
IsBadReadPtr
LoadResource
GetVersionExA
VirtualAllocEx
GetModuleHandleA
GetVersion
GetOEMCP
HeapFree
GetLocaleInfoA
LoadLibraryExA
GetThreadLocale
lstrlenA
GetCommandLineW
GlobalFindAtomA
LockResource
GetCommandLineA
GlobalAlloc
lstrlenW
GetProcessHeap
InitializeCriticalSection
ExitThread
GetStartupInfoA
GetLocalTime
GetProcAddress
HeapAlloc
GetUserDefaultLCID
RaiseException
GetSystemDefaultLangID
GlobalDeleteAtom
GetModuleFileNameA
GetStringTypeW

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 757B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

071ff622332d356b744e3cefa1d37963

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 4KB - Virtual size: 757B

.data Size: 4KB - Virtual size: 1KB

DATA Size: 4KB - Virtual size: 302B

.fdata Size: 8KB - Virtual size: 7KB

.ddata Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 4KB - Virtual size: 757B

.data
Size: 4KB - Virtual size: 1KB

DATA
Size: 4KB - Virtual size: 302B

.fdata
Size: 8KB - Virtual size: 7KB

.ddata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 8KB