734843f5cd111799ae44f1170b533d9e_JaffaCakes118

General

Target

734843f5cd111799ae44f1170b533d9e_JaffaCakes118
Size

76KB
MD5

734843f5cd111799ae44f1170b533d9e
SHA1

3a5ca7b87bc786454fe7b2ff5a7edf16f1bf07a1
SHA256

15d1123fa4bd953e57ce080542a6f9985a3a711620ac8274f6bb430f89af5382
SHA512

0e1c6840d684755e090b90a5af3d2f96d220c5e164cd8c5506544d5a47443ecfe8de431e70bd2ede2aacbe591c519bafe62b99475c8363fbb09d25b766896580
SSDEEP

768:Ta/TXQLsmkhamuH3HSTF6P1i06aIWUZcrh0ILAZ+xyHiB9IT17Yd2LdvrJoMBl:WbQLC7fTF69ie5KIcU6J7YUPoMB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
734843f5cd111799ae44f1170b533d9e_JaffaCakes118

Files

734843f5cd111799ae44f1170b533d9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b766f8eb6e8d44f02db2b3ae529c2df2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

alleg40

ord390
ord100
ord531
ord645
ord61
ord199
ord421
ord574
ord655
ord243
ord191
ord654
ord84
ord748
ord652
ord590
ord359
ord369
ord202
ord99
ord620
ord659
ord273
ord70
ord582
ord648
ord159
ord7
ord85
ord72
ord682
ord153
ord367
ord358
ord362
ord74
ord361
ord113
ord469
ord394
ord474
ord117
ord118
ord565
ord196
ord594
ord608
ord405
ord605
ord653
ord152
ord503
ord272
ord651
ord619
ord67
ord477
ord658
ord661
ord379
ord479
ord504
ord640
ord382
ord107

kernel32

LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
ReadFile
GetACP
GetCPInfo
GetOEMCP
SetFilePointer
FlushFileBuffers
CreateFileA
GetStringTypeW
GetStringTypeA
SetStdHandle
WriteFile
RtlUnwind
MultiByteToWideChar
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
FreeEnvironmentStringsW
GetProcAddress
CloseHandle
UnhandledExceptionFilter
HeapSize
GetLastError
VirtualAlloc
VirtualFree
HeapReAlloc
HeapDestroy
GetVersion
HeapCreate
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
TerminateProcess
ExitProcess
GetCurrentProcess
HeapFree
HeapAlloc

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b766f8eb6e8d44f02db2b3ae529c2df2

Headers

File Characteristics

Imports

alleg40

kernel32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 124KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 124KB

.rsrc
Size: 8KB - Virtual size: 8KB