b06b420061e2a5908c6a6f8a2dcfcce0_JaffaCakes118

General

Target

b06b420061e2a5908c6a6f8a2dcfcce0_JaffaCakes118
Size

268KB
MD5

b06b420061e2a5908c6a6f8a2dcfcce0
SHA1

30a68844d969273850d47219ad30a032f5f7fe88
SHA256

8a0540bf7fd76b74045259b660ba898f7c91721b8308547112dadcf1e387dc4b
SHA512

438d4c9b5d527f94987da949a7c6a0197945ccfe6fb3916c0667124acaacc622657afd86b598ec653362191bc5233a91efe48e442f897f0159c647f01f44ba11
SSDEEP

6144:8Kq9HeUcVuf/mp1YJQ0ikZVGhPwuvOinHPNwHW6AszFi:8DpeUxf/mpyJpi0VGmGOin1n6vi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b06b420061e2a5908c6a6f8a2dcfcce0_JaffaCakes118

Files

b06b420061e2a5908c6a6f8a2dcfcce0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c36b0629b990c89a9bb5cc92699cf77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
GetStringTypeW

oleaut32

GetRecordInfoFromGuids
GetRecordInfoFromTypeInfo
SysFreeString
LoadTypeLi

Sections

0
Size: - Virtual size: 384KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 210KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 43KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6c36b0629b990c89a9bb5cc92699cf77

Headers

File Characteristics

Imports

kernel32

oleaut32

Sections

0 Size: - Virtual size: 384KB

1 Size: 210KB - Virtual size: 212KB

2 Size: 4KB - Virtual size: 8KB

3 Size: 43KB - Virtual size: 66KB

4 Size: 3KB - Virtual size: 3KB

5 Size: 6KB - Virtual size: 28KB

0
Size: - Virtual size: 384KB

1
Size: 210KB - Virtual size: 212KB

2
Size: 4KB - Virtual size: 8KB

3
Size: 43KB - Virtual size: 66KB

4
Size: 3KB - Virtual size: 3KB

5
Size: 6KB - Virtual size: 28KB