7406654055a6c593a941b2ea4eda7fea_JaffaCakes118

General

Target

7406654055a6c593a941b2ea4eda7fea_JaffaCakes118
Size

64KB
MD5

7406654055a6c593a941b2ea4eda7fea
SHA1

3575d83188e6e539db3c6f0e6f758225c39b759c
SHA256

18bac61b63185c1d184eedfef57d5804714e9ef311c044890b5951c8e53306a7
SHA512

678eed6124e51446362ccd248054afadc0a571388536f6aaad928e1d5e2a86ee5b929fe6dce8ea870f32ede290182681503ce3c484ccd7f179f906a965f50593
SSDEEP

768:t7qA3vH0uj1ZLANRr4PvPgynk50uEs3P3XEt/awEHE:t2UfTLAb8PXnk9Mt/7L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7406654055a6c593a941b2ea4eda7fea_JaffaCakes118

Files

7406654055a6c593a941b2ea4eda7fea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80871fae6096da9b0758d2336d63331b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
LoadLibraryA
CloseHandle
VirtualFreeEx
Process32Next
ReadFile
GetProcAddress
GetCompressedFileSizeA
WriteProcessMemory
CreateRemoteThread
CreateToolhelp32Snapshot
Process32First
GetFileAttributesA
VirtualProtectEx
VirtualAllocEx
WaitForSingleObject
OpenProcess
GetModuleFileNameA
Module32First
Module32Next
CreateFileA
GetModuleHandleA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
HeapSize
MultiByteToWideChar
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

80871fae6096da9b0758d2336d63331b

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 12KB - Virtual size: 32KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 12KB - Virtual size: 32KB