94a6c4a41e3501f7d6f0f1721e1dee6b_JaffaCakes118

General

Target

94a6c4a41e3501f7d6f0f1721e1dee6b_JaffaCakes118
Size

793KB
MD5

94a6c4a41e3501f7d6f0f1721e1dee6b
SHA1

3d1375bf7f5ba74d3bd8bb7d9436facd7c88be5f
SHA256

921620be5cf4d4b3b942796ee68d5f729a982a3cc4844cab6822a7f125cb35bd
SHA512

1bffd088d8ef3a6b730cba0a1f1cf47693fbabc880920c255dd1781f23b473bb5f7ff8a7e765a059f11a9c6e7a0e6577afcfe652fe0310a815ff680c73bca958
SSDEEP

24576:6c15eZgK87JJ3bag9lAOvH/wO0o8meXzg+j5Pspv:605eZR8PWg9lhvfwOl8y+9P4v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94a6c4a41e3501f7d6f0f1721e1dee6b_JaffaCakes118

Files

94a6c4a41e3501f7d6f0f1721e1dee6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a12000539e9acbc571452b93a1568346

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

nddeapi

ord603
ord503
ord610
ord511
ord501

kernel32

TlsFree
GetCPInfoExW
GetLastError
GetConsoleCP
GetCurrentThreadId
OpenThread
VirtualAlloc
GetCPInfoExA
GetLocaleInfoA
GetCurrentProcessId
ExpungeConsoleCommandHistoryW
GlobalReAlloc
Process32Next
SetLastError
ExitProcess
SetLocaleInfoA
GetCurrentProcess
OpenMutexW
FindFirstFileExW
UnlockFile
OpenProcess
AddAtomW
RemoveDirectoryA
GetNumberFormatA
GetCurrentThread

msvcrt

exit
strcspn
signal
_stati64
iswalnum
??_U@YAPAXI@Z
_CIlog
_ctime64
_open

tapi32

tapiGetLocationInfoW
lineGetIDA
lineInitializeExW
tapiGetLocationInfo
lineGetMessage
lineGetCountryW
lineMakeCallA
lineGetCallStatus
lineNegotiateAPIVersion
lineGetTranslateCapsA
lineSetStatusMessages
lineDevSpecific

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbs
Size: 2.9MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbs
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a12000539e9acbc571452b93a1568346

Headers

File Characteristics

Imports

nddeapi

kernel32

msvcrt

tapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.CRT Size: 5KB - Virtual size: 952KB

.textbs Size: 2.9MB - Virtual size: 5.0MB

.tls Size: - Virtual size: 4KB

.textbs Size: 512B - Virtual size: 24B

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 7KB - Virtual size: 7KB

.CRT
Size: 5KB - Virtual size: 952KB

.textbs
Size: 2.9MB - Virtual size: 5.0MB

.tls
Size: - Virtual size: 4KB

.textbs
Size: 512B - Virtual size: 24B

.rsrc
Size: 60KB - Virtual size: 59KB