731d9c41b365817a20a3a9ab900df5be_JaffaCakes118

General

Target

731d9c41b365817a20a3a9ab900df5be_JaffaCakes118
Size

414KB
MD5

731d9c41b365817a20a3a9ab900df5be
SHA1

2ae76bbe95b28eda12fcdfa1857d931fc866b30d
SHA256

8e0e4035b206d180a940132b89ed11c24c1413d07c27da3355bf6c0891fcc996
SHA512

00c26a4b3c2ac4fdc0d494f8340b5c705cf70769c4e6574024c451ee295f0f570cb329218e76e1dbd11acd9e5262c63dd82483adf70f5744fd6494e8d26e193b
SSDEEP

6144:G3lp0yN90QEorzORAXLG6wVkxSuzRndzUPPa4YkpACnAAqJczq:G3Qy90OzoAXLG6AkxSEdzyPamq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
731d9c41b365817a20a3a9ab900df5be_JaffaCakes118

Files

731d9c41b365817a20a3a9ab900df5be_JaffaCakes118
.exe windows:6 windows x86 arch:x86

e304217fc16c011615a0ec22783cbfae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SearchPathA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 25KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 331KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 44KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e304217fc16c011615a0ec22783cbfae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

0 Size: 25KB - Virtual size: 42KB

1 Size: 1KB - Virtual size: 8KB

2 Size: 331KB - Virtual size: 332KB

3 Size: - Virtual size: 3KB

4 Size: 44KB - Virtual size: 68KB

5 Size: 3KB - Virtual size: 3KB

6 Size: 7KB - Virtual size: 28KB

0
Size: 25KB - Virtual size: 42KB

1
Size: 1KB - Virtual size: 8KB

2
Size: 331KB - Virtual size: 332KB

3
Size: - Virtual size: 3KB

4
Size: 44KB - Virtual size: 68KB

5
Size: 3KB - Virtual size: 3KB

6
Size: 7KB - Virtual size: 28KB