a0d7260d21d047d87fbe8b6197bba31a_JaffaCakes118

General

Target

a0d7260d21d047d87fbe8b6197bba31a_JaffaCakes118
Size

853KB
MD5

a0d7260d21d047d87fbe8b6197bba31a
SHA1

3434556a0b53760adeed96fbc29f2c75dd3a3666
SHA256

14efcf0970cad072cf03e359813c2782bfa521c65352c4125459cc3f6a4a6d32
SHA512

efdc99ba8e96dde61d882caaef0c6747066638da1c834a7f3869cc54578c1e90c1ef0a2c92140c70e641ac82e44848ce41a398604865740c2bfeb51284281c13
SSDEEP

24576:Cwa2vAmbVeIXbrc7uHIeM5qRrtVvomEGWkUxaw3RpL:C12hQAV6q//RwPL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0d7260d21d047d87fbe8b6197bba31a_JaffaCakes118

Files

a0d7260d21d047d87fbe8b6197bba31a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1a4ec586e6863b84bf0537ee5731c32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
__p__commode
_exit
__set_app_type
exit
wcstol
iswdigit
iswspace
__getmainargs

advapi32

RegCreateKeyExW
ReportEventW
AllocateAndInitializeSid
RegCloseKey

kernel32

GetModuleHandleW
TlsFree
WriteConsoleA
GetStartupInfoW
FindNextFileA
IsBadWritePtr
ExitThread
SystemTimeToFileTime
FreeResource
GetCPInfo
GlobalUnlock
LoadResource
SetFileAttributesA
InterlockedCompareExchange
GetComputerNameW
GetVersion
TlsGetValue
SetLastError
GlobalSize
GetTimeZoneInformation
VirtualAlloc
GetDriveTypeA
DeleteCriticalSection
CompareStringA
TlsSetValue
ResetEvent
GetLocaleInfoA
LockResource
CreateFileMappingW
IsProcessorFeaturePresent
TerminateProcess
GlobalFree
GlobalLock
GetDriveTypeW
FindResourceA
GetCommandLineW
GetLastError
ReadFile
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetSystemTimeAsFileTime
lstrcmpiA
FreeEnvironmentStringsA
HeapSize
SetCurrentDirectoryA
GetFullPathNameW

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 494KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1a4ec586e6863b84bf0537ee5731c32

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 224KB - Virtual size: 224KB

.data Size: 494KB - Virtual size: 1.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 224KB - Virtual size: 224KB

.data
Size: 494KB - Virtual size: 1.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1024B