c7a1ed9c6123f0257e76eef95f531227_JaffaCakes118

General

Target

c7a1ed9c6123f0257e76eef95f531227_JaffaCakes118
Size

58KB
MD5

c7a1ed9c6123f0257e76eef95f531227
SHA1

931f3dbf250da1c424f5875b9ded5a57e83f358c
SHA256

b0e045e82820b2115359b2bda478b64e98e2282e30e40bda2d58b266b6b96e66
SHA512

2300383aed5ce4a63b21dcc706a697e24712c0028f01eba49edba7d8755afdfa5235627db71e328783230beafe2058805403d9ddb473576a66530781a1e495d7
SSDEEP

768:OSJFBzTsXFHgGGwyj62xuKkYY6ZZaF5/XqQXU2FgSwxPtuEjUxZwP64ddOAmU:VXBnsXFHAWKVCCQXU4gSwx1UqP68

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7a1ed9c6123f0257e76eef95f531227_JaffaCakes118

Files

c7a1ed9c6123f0257e76eef95f531227_JaffaCakes118
.dll windows:4 windows x86 arch:x86

88541e198c56f5cfd6c8ed512f75551e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetComputerNameW
ResetEvent
CreateEventA
CreateFileW
WideCharToMultiByte
CreateFileA
SetNamedPipeHandleState
CreateThread
MultiByteToWideChar
CloseHandle
Sleep
InterlockedIncrement
GetProcAddress
FreeLibrary
ExitThread
SetEvent
GetLastError
ReadFile
WaitForSingleObject
PeekNamedPipe
WriteFile
TransactNamedPipe
GetOverlappedResult
WaitForSingleObjectEx
GetCommandLineA
VirtualProtect
VirtualFree
LoadLibraryA
VirtualAlloc

advapi32

RegCloseKey
RegQueryValueExA
ReportEventA
RegOpenKeyExA

msvcr71

_except_handler3
memmove
_initterm
sprintf
getenv
_wcsicmp
swprintf
_wgetenv
wcstombs
wcslen
wcscpy
free
malloc
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 890B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88541e198c56f5cfd6c8ed512f75551e

Headers

File Characteristics

Imports

kernel32

advapi32

msvcr71

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 36KB - Virtual size: 69KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 890B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 36KB - Virtual size: 69KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 890B