b265eaaad8541f9cb2996050aa79f123_JaffaCakes118

General

Target

b265eaaad8541f9cb2996050aa79f123_JaffaCakes118
Size

223KB
MD5

b265eaaad8541f9cb2996050aa79f123
SHA1

ff84d64b73270e7fbc99d07c20f919d27a0691e7
SHA256

b4efa929bdb4496c37364ede5fa31ebe3d2160935ace91df0d03c7e855712052
SHA512

b217d170d0d8102e74f5897efaf23cac580facc9d105032d734c31798dab32907ee4832732b0028d8ded6a8b42077525d3f44b66f99eea8ecfabe52aaadb5e54
SSDEEP

3072:Z0ov3IuvsNSupOexHw1UJ6w13dpFgxHJd4QsYXkvbUVvKtwTDqvI0pF4y2t0:Z0oLvsIexsUvdUx62ytwT2hpF9b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b265eaaad8541f9cb2996050aa79f123_JaffaCakes118

Files

b265eaaad8541f9cb2996050aa79f123_JaffaCakes118
.exe windows:1 windows x86 arch:x86

aab25d641d04fa52635a91497b4040c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_initterm
__setusermatherr
strerror
_controlfp
_except_handler3
memmove
_spawnvpe
_wstat64
_mbsnbcmp
_exit
_mktime64
_popen
_set_error_mode
bsearch
_strnset
_inpd
_control87
_spawnlpe
_callnewh
_read
_cgetws
_mbsnbset
_wgetenv
_mbsicoll
wcsncat
_strnicoll
_wfindnext
wcscpy
_adjust_fdiv
abort
memcpy
fclose
__getmainargs
_getdcwd
exit
__p__fmode
_fputwchar
_itow
_XcptFilter
_wstati64
_wstrdate
_acmdln
cosh
_mbsncoll
__p__commode
_wspawnlpe
_ctime64
_spawnl
_hypot
__set_app_type

kernel32

GetSystemTimeAsFileTime
HeapAlloc
SetUnhandledExceptionFilter
CreateEventW
GetCurrentProcess
ResetEvent
GetFileTime
lstrcpynA
GetEnvironmentStringsW
GetProcAddress
HeapCreate
SetProcessWorkingSetSize
GetEnvironmentStrings
FileTimeToLocalFileTime
SetEnvironmentVariableA
GetFileAttributesA
SetStdHandle
LocalAlloc
lstrcpyA
GetModuleHandleA
CreateEventA
IsValidCodePage
GetCommandLineW
FindClose
SetLastError
GetStartupInfoA
GetVersionExA
HeapSize
GetDriveTypeA
GetVersion
GetTickCount
Module32Next
ReadFile
SetHandleCount
QueryPerformanceFrequency
QueryPerformanceCounter
GetStdHandle

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aab25d641d04fa52635a91497b4040c8

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 210KB - Virtual size: 209KB

.data Size: 512B - Virtual size: 151B

.rsrc Size: 512B - Virtual size: 100B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 210KB - Virtual size: 209KB

.data
Size: 512B - Virtual size: 151B

.rsrc
Size: 512B - Virtual size: 100B