a6d6980b66091a5c0a08ecf12863218d_JaffaCakes118

General

Target

a6d6980b66091a5c0a08ecf12863218d_JaffaCakes118
Size

172KB
MD5

a6d6980b66091a5c0a08ecf12863218d
SHA1

17243cfaca98d5cf7a4adac50e4dfb5205987f83
SHA256

4515c86e51e7cbf06cea33a7bfbc803e2295d6e34ec24cbcfb0d41f6c691f107
SHA512

178430880afcff488600d59834488c33349aa3836792c0f68ce9aa04a649c3444622644a080a8d29d19d5ccaa4da5da8b548331f9d58b1a4ae282ba32a333eeb
SSDEEP

1536:fGO8sjPnojMRLHS9uh49LZwqBmmwvkxOebHLoYkgVTr8YbcSH4Nz+O02knXzcRo6:f4sjvnh49hoCddbt4on227ZbpV8PbLc2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6d6980b66091a5c0a08ecf12863218d_JaffaCakes118

Files

a6d6980b66091a5c0a08ecf12863218d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab4cb97b8bc0580bf23781a6166de27e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
free
malloc
_initterm

mpr

WNetOpenEnumW

kernel32

DisableThreadLibraryCalls

ntdll

NtAllocateVirtualMemory

rpcrt4

CStdStubBuffer_IsIIDSupported
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_Connect
CStdStubBuffer_DebugServerQueryInterface
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
CStdStubBuffer_AddRef
NdrStubForwardingFunction
CStdStubBuffer_Invoke
NdrStubCall2
CStdStubBuffer_Disconnect
NdrDllCanUnloadNow
NdrOleAllocate
NdrOleFree
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_CountRefs
NdrDllGetClassObject
CStdStubBuffer_DebugServerRelease
NdrCStdStubBuffer_Release
IUnknown_QueryInterface_Proxy

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab4cb97b8bc0580bf23781a6166de27e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

mpr

kernel32

ntdll

rpcrt4

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 40KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 40KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 20B