8b9092fd14d14300f832cdbf26099076_JaffaCakes118

General

Target

8b9092fd14d14300f832cdbf26099076_JaffaCakes118
Size

289KB
MD5

8b9092fd14d14300f832cdbf26099076
SHA1

b93bb36e0ba867c937c137f0bda141c7006e1631
SHA256

6e4a26d5e74691ff7132b1365c8ab3d057b9978e6330480fcb22f0d63ed2908b
SHA512

e87b3088de898b0b9aeedc7ab2fae45056c218c48dff625a35d9d8d7d30bc2b70ceef66072626f0725d470b58915a12567a893a3e2015fe2855461a00b935cd9
SSDEEP

3072:TzZLDrhcgu6TLiW3PKM0kGdQC/hoxm2IZkLHXSTdsG:TzZn1cgPTLjtIdjham2IZkD4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b9092fd14d14300f832cdbf26099076_JaffaCakes118

Files

8b9092fd14d14300f832cdbf26099076_JaffaCakes118
.exe windows:5 windows x86 arch:x86

76edce3b93b30315a258e03afb2d0c47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetCurrentProcess
lstrcmpiA
GetStartupInfoA
GetCurrentThread
GetCommandLineA
GetACP
IsDebuggerPresent
GetModuleHandleA
GetCurrentProcessId
GetCommandLineW
GetVersion
lstrlenW
DeleteFileW
GlobalFindAtomW
GetConsoleOutputCP
RemoveDirectoryA
GetLastError
GetTickCount
GetCurrentThreadId
lstrcmpiW
DeleteFileA
GlobalFindAtomA
GetOEMCP
GetModuleHandleW
lstrlenA
CopyFileA
SetCurrentDirectoryA
Sleep
GetThreadLocale
VirtualAlloc
GetWindowsDirectoryA
LoadLibraryW
MulDiv
SetLastError
GetUserDefaultLangID
lstrcmpA
QueryPerformanceCounter
GetProcessHeap

user32

GetSystemMetrics
CharNextA
GetDC
GetDesktopWindow

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qereefq
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qrdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76edce3b93b30315a258e03afb2d0c47

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 114KB - Virtual size: 113KB

.rsrc Size: 50KB - Virtual size: 50KB

qereefq Size: - Virtual size: 4KB

.qrdata Size: 60KB - Virtual size: 60KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 114KB - Virtual size: 113KB

.rsrc
Size: 50KB - Virtual size: 50KB

qereefq
Size: - Virtual size: 4KB

.qrdata
Size: 60KB - Virtual size: 60KB