7055ae5755e7f0e3a1b6971bd42da7d7_JaffaCakes118

General

Target

7055ae5755e7f0e3a1b6971bd42da7d7_JaffaCakes118
Size

331KB
MD5

7055ae5755e7f0e3a1b6971bd42da7d7
SHA1

eb2a0b2009b48870972e4b9def356d3414ee7faa
SHA256

aa51a456554409c8f0c9b73d41f82f56701ff2527d9d05d509df9fcb57c98364
SHA512

49674c460b47fe474491cd6643c12a8bd912683105cefe0ad24a7f819767a8cbd804052bdbf35ed2e24f8652ca8ebc1d2c203ae6b5756c3e195b5bd760942a40
SSDEEP

6144:SeQ6cgQCiX1TcKvYzpSiEDNevSXqNBcSP4ldTPUnBBkHL4/kZOd:SeQ6cglilAK+gJuSpSid4oHskZOd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7055ae5755e7f0e3a1b6971bd42da7d7_JaffaCakes118

Files

7055ae5755e7f0e3a1b6971bd42da7d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e2d10078d83e64c6b91e8f83daed27c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchangeAdd
SetEvent
InterlockedExchange
lstrlenA
Sleep
lstrcpyA
DisableThreadLibraryCalls
CreateFileA
LocalAlloc
WideCharToMultiByte
SystemTimeToFileTime
IsBadStringPtrA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
LocalFree
CreateSemaphoreA
GetCommandLineA
InterlockedCompareExchange
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemInfo
LCMapStringW
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
VirtualQuery
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapSize
LCMapStringA
MultiByteToWideChar

advapi32

RegCloseKey
RegQueryValueExA

rpcrt4

RpcServerRegisterIfEx
RpcServerInqBindings
RpcEpRegisterA
RpcServerUseProtseqW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e2d10078d83e64c6b91e8f83daed27c

Headers

File Characteristics

Imports

kernel32

advapi32

rpcrt4

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 282KB - Virtual size: 281KB

.data Size: 4KB - Virtual size: 279KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 282KB - Virtual size: 281KB

.data
Size: 4KB - Virtual size: 279KB

.rsrc
Size: 1KB - Virtual size: 1KB