c94c389b36a1c32fe0af1ef307d2a4d7_JaffaCakes118

General

Target

c94c389b36a1c32fe0af1ef307d2a4d7_JaffaCakes118
Size

88KB
MD5

c94c389b36a1c32fe0af1ef307d2a4d7
SHA1

f58296c1eca8c7e1beb568c50f0d9eef02bd8752
SHA256

94e31a16875a2897e812f7cd0701754726dfc98ddca87f43120face2c8c6edc4
SHA512

85db9c7e1a4616de69074ea91e8f029698ce0a51fc2129bcc7691995af2e23f5245e480823d9dbac6c3efa64530df6841f50a482fdd0ccb631c77ead23a6f695
SSDEEP

768:LXtMtyD/yDFhauaQMZxn1OaEiB9NzTMTnKI7B7CKUturR+1HV9fJMI:72ELyDzabRfnvHTQAhC+tDJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c94c389b36a1c32fe0af1ef307d2a4d7_JaffaCakes118

Files

c94c389b36a1c32fe0af1ef307d2a4d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

588aab48e1e2ee81429e1181f11bc141

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ord906
ord932
ord469
ord935
ord941
ord468
ord923
ord922
ord106
ord768
ord921
ord125
ord919
ord48
ord669
ord78
ord833
ord824
ord198
ord202
ord577
ord926
ord217
ord576
ord590
ord236
ord397
ord450
ord901
ord341
ord240
ord367
ord777
ord518
ord868
ord508
ord388
ord247
ord428
ord425
ord606
ord702
ord514
ord558
ord871
ord510
ord512
ord330
ord344
ord424
ord309
ord329
ord327
ord888
ord233
ord232
ord365
ord849
ord557
ord832
ord401
ord176
ord571
ord422
ord259

user32

ord435
ord159
ord346
ord452
ord350
ord457
ord572
ord199
ord512
ord438
ord197
ord152
ord268
ord677
ord377
ord635
ord477
ord276
ord444
ord274
ord256
ord644
ord97
ord269
ord555
ord596
ord195

gdi32

ord406
ord437
ord144

comdlg32

ord112
ord110

comctl32

ord22
ord17

mpegsys

ord51

mplex

ord1
ord3
ord2

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

588aab48e1e2ee81429e1181f11bc141

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

comctl32

mpegsys

mplex

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 84KB

.rsrc Size: 36KB - Virtual size: 64KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 84KB

.rsrc
Size: 36KB - Virtual size: 64KB