b0407c09613fe906113c86ee40c92b89_JaffaCakes118

General

Target

b0407c09613fe906113c86ee40c92b89_JaffaCakes118
Size

224KB
MD5

b0407c09613fe906113c86ee40c92b89
SHA1

17b0d0f563e59336166f317ccc034d752c1e942c
SHA256

895633b251031e3b9372c79d6d9fa43cb25eb233e0328cda45c12faac0821ee8
SHA512

c0a75f5234c22358b388ab7c0c861ab67f87caf7bba93c745e5d5719909a35e1ded462cc104b57d176698a8eaa14ec255b77367a1f5ba1702b42707fac3e24e5
SSDEEP

3072:+iXLmdLf5RvZulm85viyXCNUuE6DE1GmTLoTvndYZ+mwgCofnANCWCnW8GvIKqyT:exRrS5JSe441RLo+ZY2WCnAIKU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0407c09613fe906113c86ee40c92b89_JaffaCakes118

Files

b0407c09613fe906113c86ee40c92b89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b8711849f0be081ed6f9f9c50502673

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetCurrentThread
GetVersion
SetThreadLocale
GetEnvironmentStrings
GetStringTypeW
LoadLibraryA
LocalAlloc
LoadLibraryExA
ExitThread
GetDiskFreeSpaceA
GetCurrentProcessId
FreeLibrary
LocalFree
VirtualAllocEx
ResetEvent
GetOEMCP
FindFirstFileA
IsBadReadPtr
lstrcpyA
GetCurrentThreadId
lstrcmpiA
LoadResource
SetEvent
GetStartupInfoA
GlobalDeleteAtom
GetCurrentProcess
HeapFree
FreeResource
WriteFile
GetProcAddress
GetModuleHandleA
GlobalAddAtomA
CreateFileA
MoveFileExA
GetFileType
GetModuleHandleW
GetUserDefaultLCID
lstrlenW
GetLocalTime
GetCommandLineA
ReadFile
FindClose
lstrcatA
SetFilePointer
GetThreadLocale
GlobalAlloc
ExitProcess
lstrlenA
CompareStringA
MoveFileA
GetStdHandle
SetLastError

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4KB - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b8711849f0be081ed6f9f9c50502673

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 77KB

BSS Size: 4KB - Virtual size: 159B

.hdata Size: 124KB - Virtual size: 120KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 77KB

BSS
Size: 4KB - Virtual size: 159B

.hdata
Size: 124KB - Virtual size: 120KB

.rsrc
Size: 8KB - Virtual size: 7KB