deaaed74569c32e02b450a1603243203_JaffaCakes118

General

Target

deaaed74569c32e02b450a1603243203_JaffaCakes118
Size

68KB
MD5

deaaed74569c32e02b450a1603243203
SHA1

95daaecfdf7d4f020ae39f9f3aa36e7fac6bb4f3
SHA256

6e4fc2d60ee008d29b9c22fd7e65170ff9d64b894a1b64445832e2efb6cf32b7
SHA512

826cdf5c1d7ba98347664d099aaa3d5924031a2679db3f4ae6b8175e5d1ace8774bffcaf303c8e08a9febb4de37e9af27f0b1eca4f3c99ac10c5b757b417e9ee
SSDEEP

1536:oiBto+iexvH+Pfp3BN4Zl3sdbQniHvqCJ:oiBtrrtePWZl3spQnSSC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deaaed74569c32e02b450a1603243203_JaffaCakes118

Files

deaaed74569c32e02b450a1603243203_JaffaCakes118
.exe windows:4 windows x86 arch:x86

286a6b44c156eafe8aa2f8c963a5820a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQueryEx
ReadProcessMemory
GetThreadContext
CreateProcessA
GetModuleFileNameA
TerminateProcess
SetThreadContext
WriteProcessMemory
VirtualAllocEx
GetProcAddress
GetModuleHandleA
VirtualProtectEx
ResumeThread
VirtualAlloc
SetFileAttributesA
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
RaiseException
GetLastError
ReadFile
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
CloseHandle
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
SetStdHandle
FlushFileBuffers
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
CreateFileA
GetACP
GetOEMCP
GetCPInfo
IsBadCodePtr
SetEndOfFile
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

286a6b44c156eafe8aa2f8c963a5820a

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 8KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 8KB