ba6a5de0a8539c07c6610653896a3f2f_JaffaCakes118

General

Target

ba6a5de0a8539c07c6610653896a3f2f_JaffaCakes118
Size

171KB
MD5

ba6a5de0a8539c07c6610653896a3f2f
SHA1

45c60d758ba6d5c39e4534db383606db2474d7e7
SHA256

2e4ff8c2ef216c68d5e8a6cc29b397f227b83775c27f10217cfdbeced4443b9b
SHA512

a4649d555fa08c3cf0137ce7a6017cfd8bda13311d1db0d25e1356dfd9c40b6dacd9146bca81a9fef666b42e80f4f4520f0c0b79eccf8e9efc7c77a77b3f2a60
SSDEEP

3072:kA0mzteQTpM4lCCqtDRg/iOjHht5CAOhKsrrlAs82QXjsFumgI4vHEQ4:FEMMeqtDR4iOjHhPCA8lA32QKu5DvH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba6a5de0a8539c07c6610653896a3f2f_JaffaCakes118

Files

ba6a5de0a8539c07c6610653896a3f2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efcb93edbf90bd5cfc4113756fbe88c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
FlushFileBuffers
WriteFile
CreateFileA
ReadFile
GetFileSizeEx
GetModuleHandleA
GetCommandLineA
GetVersionExA
HeapAlloc
RaiseException
HeapFree
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
SetUnhandledExceptionFilter
SetFilePointer
RtlUnwind
GetLocaleInfoA
GetCPInfo
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
LoadLibraryA
GetACP
GetOEMCP
InterlockedExchange
IsBadReadPtr
IsBadCodePtr
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

efcb93edbf90bd5cfc4113756fbe88c4

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 14KB - Virtual size: 19KB

.rsrc Size: 118KB - Virtual size: 118KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 14KB - Virtual size: 19KB

.rsrc
Size: 118KB - Virtual size: 118KB