ea1f6b05cc8b1676b6a46ad9ae83141a_JaffaCakes118

General

Target

ea1f6b05cc8b1676b6a46ad9ae83141a_JaffaCakes118
Size

212KB
MD5

ea1f6b05cc8b1676b6a46ad9ae83141a
SHA1

6760b72d4f67cf0b103e27dce8289a8007bcefdd
SHA256

643c7b7d4d0a1fc246fbd8fdf09d4066689af4a8fbb64020758e1df1c7ca5875
SHA512

bbf2728e78934d5bc9536bf215f66a189cacc41e98c9aa339a2ade18d8962114803ba5bda1b2ec7cdfaa7752835c1062427a3314ba1f56d11d52f242f76bb7ec
SSDEEP

3072:+5oGJUhO+g3CoDNZ/vpACknIl9eZsUJ1jEHLtyKKElQVJzmORlJXvMX/WYHVkGIU:+5oTYvpAYeWQBMQv6C2OY1kGImj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea1f6b05cc8b1676b6a46ad9ae83141a_JaffaCakes118

Files

ea1f6b05cc8b1676b6a46ad9ae83141a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72006981b0a2307b4541329902a7a774

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadSelectorEntry
HeapFree
ReleaseSemaphore
ExitProcess
OpenFileMappingA
CreateFileMappingA
GetFileAttributesA
GetConsoleAliasesLengthW
MultiByteToWideChar
ConnectNamedPipe
lstrlen
LockFile
GlobalDeleteAtom
GetPrivateProfileStringA
ReadConsoleA
GetCommState
WriteConsoleInputA
OpenWaitableTimerA
SetConsoleHardwareState
GetFileTime
EnumSystemLocalesA
GetSystemDirectoryA
FindCloseChangeNotification
SetPriorityClass
GetProcessVersion
MapUserPhysicalPagesScatter
FillConsoleOutputAttribute
OpenEventA
OpenSemaphoreA
LocalShrink
CancelTimerQueueTimer
GetPrivateProfileSectionNamesW
DeleteTimerQueueEx
AllocConsole
GetUserDefaultLangID
IsBadHugeWritePtr
GetProcessId
GetThreadIOPendingFlag
SetThreadUILanguage
GetTimeZoneInformation
GetNativeSystemInfo
IsBadHugeWritePtr
WriteConsoleInputA
MoveFileWithProgressA
GetConsoleCP
BuildCommDCBAndTimeoutsW
GetFileType
GetProcessShutdownParameters
SleepEx
GetExitCodeProcess
SetInformationJobObject
Thread32First
HeapCreate
VirtualAlloc
SetProcessPriorityBoost
WaitCommEvent
IsBadHugeWritePtr
SetTapePosition
QueryInformationJobObject

tapi32

lineAddProviderA

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 60KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72006981b0a2307b4541329902a7a774

Headers

File Characteristics

Imports

kernel32

tapi32

Sections

.itext Size: - Virtual size: 1KB

.text Size: 60KB - Virtual size: 720KB

.idata Size: 56KB - Virtual size: 53KB

.rsrc Size: 92KB - Virtual size: 88KB

.itext
Size: - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 720KB

.idata
Size: 56KB - Virtual size: 53KB

.rsrc
Size: 92KB - Virtual size: 88KB