Static task: static1
Behavioral task: behavioral1
Sample: c280dd66df32cad1c78068c1e5f5148d_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: c280dd66df32cad1c78068c1e5f5148d_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c280dd66df32cad1c78068c1e5f5148d_JaffaCakes118
Size: 9KB
MD5: c280dd66df32cad1c78068c1e5f5148d
SHA1: 83c188b6a2194c191b1105675708a0a314bc4310
SHA256: bdeacbf9f0bdb2fc814ab5fc28ff37e6dccec533b52ba847f12511185eaf6b40
SHA512: daab94e4d0cd47fabdf4e0db033a0847e2fe415c66a20a1aca82e1f0d2eedbb973f441dd946ef54d6dcf98c3e943a5740ad63740f64b981e2ed7259679fb2f37
SSDEEP: 96:Ph3p5tDLzDV6YmOISPl3SiyKeJdyiDJUpx5nr2buX51uzrjdVAd6zzCtYhOY:Ph33mDS82XhrbszrjdVW6zqD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c280dd66df32cad1c78068c1e5f5148d_JaffaCakes118
Files
c280dd66df32cad1c78068c1e5f5148d_JaffaCakes118.exe windows:5 windows x86 arch:x86
4bb69a1a79275b87bfc80ee67d743c7e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcr100
_controlfp_s
_invoke_watson
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_except_handler4_common
memset
kernel32
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EncodePointer
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
OpenMutexA
CreateMutexA
FindResourceA
SizeofResource
LoadResource
LockResource
GetModuleHandleA
CloseHandle
GetCurrentProcessId
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleFileNameA
GetProcAddress
advapi32
GetUserNameA
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 924B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 570B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ