84504f246694efd67f77a99857b4239a_JaffaCakes118

General

Target

84504f246694efd67f77a99857b4239a_JaffaCakes118
Size

141KB
MD5

84504f246694efd67f77a99857b4239a
SHA1

8de8cfef60527550d57642e9dfca46d267f489e7
SHA256

588d78713a81cc6081ca2209f13a1313546ed6b92a4342a1a979e14e18a49339
SHA512

069c91af8bc3c6ea744ce606e45ea1fc80942fdc50a309b3fe008c8c7c537be9a7fd143f597a3af33c30950e4219179f8af9daa84ce0b307aa2dda8efa73b5a4
SSDEEP

3072:0zDbrL+PhETl6MPtyE9lTNoEylpeUZ6nRFQ5Ws3xjKR:0zDTgWyEHNovlpT674WspG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84504f246694efd67f77a99857b4239a_JaffaCakes118

Files

84504f246694efd67f77a99857b4239a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90f126ac16705184dbbf9abb26a95e5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessW
DeleteFileW
Sleep
GetTickCount
GetTimeFormatA
InterlockedExchange
GetVolumeInformationW
SetLastError
ExitProcess
GetCurrentProcessId
GetFileTime
GetModuleFileNameW
FindCloseChangeNotification
FindNextChangeNotification
DeviceIoControl
WaitForSingleObject
GetCurrentProcess
GetTempPathW
LoadLibraryW
HeapWalk
HeapCompact
HeapAlloc
HeapCreate
HeapFree
CopyFileW
CreateDirectoryA
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualProtect
VirtualAlloc
GetCurrentThreadId
GetCommandLineW
GetModuleHandleW
WriteConsoleA
GetModuleHandleA
GetStartupInfoA

ws2_32

WSACloseEvent
WSAConnect
WSAAddressToStringA
WSACreateEvent

msvcr71

_controlfp
_onexit
__dllonexit
exit
realloc
free
malloc
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90f126ac16705184dbbf9abb26a95e5a

Headers

File Characteristics

Imports

kernel32

ws2_32

msvcr71

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 30KB - Virtual size: 102KB

.rsrc Size: 1KB - Virtual size: 1KB

.rrdata Size: 68KB - Virtual size: 68KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 30KB - Virtual size: 102KB

.rsrc
Size: 1KB - Virtual size: 1KB

.rrdata
Size: 68KB - Virtual size: 68KB