cfeb2bc47dbb937057e6a664b742f09c_JaffaCakes118

General

Target

cfeb2bc47dbb937057e6a664b742f09c_JaffaCakes118
Size

84KB
MD5

cfeb2bc47dbb937057e6a664b742f09c
SHA1

3512b16b98008266a8339b91d497a43c1f99cf63
SHA256

bb772faeae3074c0bad7a63e2b0a4b7c0e708e3889307044e5d6717f55881ce5
SHA512

e259151d2138510fda85b46823e3afac230afb28b426f96ae3a5a49b36626e69fd589b6fbd5dc4fcab12c40db46eb37dc64ab07abe9c627a0ffacf63fea43415
SSDEEP

1536:p2bXgD6Zx1Z1Xwr4FEw9Tqv42bMBFwyDtz2foOyyUMp:p2xZ/wc9AbOXxzOoONUMp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfeb2bc47dbb937057e6a664b742f09c_JaffaCakes118

Files

cfeb2bc47dbb937057e6a664b742f09c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cda1fc87477a3e43095d833c43e3846b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetComputerNameA
GetTickCount
GetSystemInfo
GetVolumeInformationA
GetTempPathA
SystemTimeToFileTime
GetSystemTime
GetModuleHandleA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CreateThread
InterlockedDecrement
lstrcmpiA
ExitProcess
Sleep
lstrlenA
GetEnvironmentVariableA
GetShortPathNameA
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
RtlUnwind
GetTimeZoneInformation
GetLocalTime
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
CloseHandle
HeapReAlloc
HeapAlloc
HeapSize
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetStdHandle
RaiseException

user32

wsprintfA

ole32

CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
VariantChangeType
SysAllocStringLen
VariantClear
SysFreeString

netapi32

NetScheduleJobEnum
NetScheduleJobAdd

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cda1fc87477a3e43095d833c43e3846b

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

netapi32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 23KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 23KB