9472d85e7d66c5e66515d8de92aa2c34_JaffaCakes118

General

Target

9472d85e7d66c5e66515d8de92aa2c34_JaffaCakes118
Size

560KB
MD5

9472d85e7d66c5e66515d8de92aa2c34
SHA1

ad37d0fe0e3e16516c374f4259bcb0888ca5ad57
SHA256

197d2a03c14d21346e587c750c46f3469e9b1fda4c1e29a808f3178db2d2eea7
SHA512

2ed2f200da800571577359d03a6d916b28ff1deb238319850852ff8180dace308669c3e12f0da34eadb6a52a1c32cf2fdf8716d06ca96ef13792a506a1af54d6
SSDEEP

12288:95z/JAzM7IyDrNPOOFpTBOGW62+RaMq8kSeYnD2nOvmrhRfIt:95z/mz0tDpmApQb6qMq1zAYOvCAt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9472d85e7d66c5e66515d8de92aa2c34_JaffaCakes118

Files

9472d85e7d66c5e66515d8de92aa2c34_JaffaCakes118
.exe windows:4 windows x86 arch:x86

942f7104a6c3eb2c591b7412f5cda9e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
VirtualAlloc
GetCurrentThreadId
GetTickCount
FormatMessageA
Sleep
FindClose
CreateEventA
CreateFileW
LoadResource
WideCharToMultiByte
GetTimeZoneInformation
TerminateProcess
ExpandEnvironmentStringsA
GetACP
GetSystemTimeAsFileTime
CloseHandle
InterlockedExchange
SetFilePointer
MapViewOfFile
GetCPInfo
CompareStringW
SetStdHandle
MultiByteToWideChar
UnhandledExceptionFilter
GetCurrentDirectoryA
GetModuleHandleW
GetFileSize
GetLocaleInfoA
SizeofResource
FreeEnvironmentStringsA
GetModuleFileNameA
LoadLibraryA
GetEnvironmentStringsW
TlsAlloc
HeapAlloc
GetDriveTypeA
WaitForSingleObject
lstrlenA
HeapCreate
EnterCriticalSection
GetStdHandle
GetLastError
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentProcess
FreeEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
GetFileType
TlsSetValue
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
LeaveCriticalSection
GetOEMCP
HeapReAlloc
GetProcAddress
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 508KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

942f7104a6c3eb2c591b7412f5cda9e1

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 508KB - Virtual size: 504KB

.data Size: 24KB - Virtual size: 25KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 508KB - Virtual size: 504KB

.data
Size: 24KB - Virtual size: 25KB