bbce01f56934e4af1dfb1b917a9fe706_JaffaCakes118

General

Target

bbce01f56934e4af1dfb1b917a9fe706_JaffaCakes118
Size

200KB
MD5

bbce01f56934e4af1dfb1b917a9fe706
SHA1

7b2c703d291dce95dce60b37759d6415fcbf5429
SHA256

871ba0d5740a849b0de4dc7ec7640256435b9d91d5bf2ad679d4fba9b43fae86
SHA512

c2ba484f90ae51123c270ee2c499e1a7a0ab039c20067195d6017241e37038bff1476a03071b76cc0f9734a7b0545cb9b975b9e70db1d6de58734da4968f30a0
SSDEEP

3072:OSTPBeMESdkky74YRCQPyI57Ie0ZZFtvnJ38iDard0VMT37MlEB7ae:3PRCky7XTn57IOiSlclm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbce01f56934e4af1dfb1b917a9fe706_JaffaCakes118

Files

bbce01f56934e4af1dfb1b917a9fe706_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96a032b1d479e415a2be27197032358e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringW
lstrlenW
GetEnvironmentVariableW
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
GetModuleHandleA
GetStartupInfoW
GetVersion
RtlUnwind
RaiseException
HeapSize
GetLastError
CloseHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
WriteFile
GetModuleFileNameA
SetFilePointer
FlushFileBuffers
WideCharToMultiByte
SetUnhandledExceptionFilter
GetCPInfo
SetStdHandle
CreateFileA
GetProcAddress
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
ReadFile
GetStringTypeA
GetStringTypeW
SetEndOfFile
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
FreeLibrary
LocalAlloc

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 992KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96a032b1d479e415a2be27197032358e

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 88KB - Virtual size: 992KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 88KB - Virtual size: 992KB

.reloc
Size: 8KB - Virtual size: 5KB