e1409cbc71ce23b620e8e5d48acb066f_JaffaCakes118

General

Target

e1409cbc71ce23b620e8e5d48acb066f_JaffaCakes118
Size

131KB
MD5

e1409cbc71ce23b620e8e5d48acb066f
SHA1

e903e3f913bb03b30953f64eb3b0526759743909
SHA256

d2461a3148fdbdb21abe7afd7cdc9da2f54a3f7ee2a2f0c9a2b6427eae5fcb58
SHA512

3ce9be25fe87439636e6b7b27de2092616a2946a558b9e84460f6a46bd6535d8252af0f2073541065e3f3e1bae0aa6bad9d539ce005ed84c0af775cc5337847f
SSDEEP

3072:1oHildWrfryjMuRO27Km1u83eQS/rAIVzZJVo:1NUfryAuJO8u8OLVN3o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1409cbc71ce23b620e8e5d48acb066f_JaffaCakes118

Files

e1409cbc71ce23b620e8e5d48acb066f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ef0f9df94c4acfffb3b5c2746ab4c8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
CreateProcessA
GetModuleFileNameA
GetSystemDefaultLangID
GetPrivateProfileStringA
GetFileType
GetStdHandle
CloseHandle
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
GetCPInfo
GetACP
GetOEMCP
SetUnhandledExceptionFilter
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetVersion
SetHandleCount
FlushFileBuffers
LCMapStringA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
MultiByteToWideChar
GetLastError
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetFilePointer
GetProcAddress
LoadLibraryA
SetStdHandle

user32

MessageBoxA
LoadStringA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ef0f9df94c4acfffb3b5c2746ab4c8f

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 2KB

.nrdata Size: 76KB - Virtual size: 76KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 2KB

.nrdata
Size: 76KB - Virtual size: 76KB