6f1f162a7bd62031c7c31fc28d99bf41_JaffaCakes118

General

Target

6f1f162a7bd62031c7c31fc28d99bf41_JaffaCakes118
Size

56KB
MD5

6f1f162a7bd62031c7c31fc28d99bf41
SHA1

6a40e9c57866601e778cb95ed8121fcb5e2d1870
SHA256

ad1a984af686851b9dd4553431c836173162c841d6f11b4321dbbcf9065dfd95
SHA512

fcd58b26cbdfa8147c6e6c4d5e143f3cccc1ef5ca8f1d810f2008e1d28fce0b7f3032910f133bf4baf37d601b4d286aa76c8346721f815d2fc347aeadab56ee5
SSDEEP

768:TETcLNOVE3ohIbveAieE5i2opKCGWRKI+KwJj:0e3oaHEw2opAJKwJj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f1f162a7bd62031c7c31fc28d99bf41_JaffaCakes118

Files

6f1f162a7bd62031c7c31fc28d99bf41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d34aa9d254109b5dda98ebbf0b506d17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
lstrlenA
FindNextFileA
FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryA
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
RtlUnwind
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
lstrcpyA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLastError
SetFilePointer
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetStdHandle
CloseHandle

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d34aa9d254109b5dda98ebbf0b506d17

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 1KB