ef05f92011b73f22c28f58ad87c95c52_JaffaCakes118

General

Target

ef05f92011b73f22c28f58ad87c95c52_JaffaCakes118
Size

45KB
MD5

ef05f92011b73f22c28f58ad87c95c52
SHA1

7cda1ce6283f9031eab039b8fa5af5c508239e90
SHA256

593e32fa5513774112134759df27086af60f8596270556d24deaa6f7692de25d
SHA512

662dfa375781fd72c758ca959561bfe647ea2fcc29e046d1b06565b1e7e7decfe647cb6cd5d3947ef84086b9758fc99d12c31b77e186c9d42ee30d39d7db9bf2
SSDEEP

768:cWMOb+NmcRxOeVJtvqEo5LMUQJmRc6MYOZsy:v6qeVJotLMUQJmSBZsy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef05f92011b73f22c28f58ad87c95c52_JaffaCakes118

Files

ef05f92011b73f22c28f58ad87c95c52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f77f20017c97cdbe114c0ea449165873

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WaitForSingleObjectEx
TerminateProcess
WriteProcessMemory
GetSystemTimeAsFileTime
GetStartupInfoA
VirtualProtect
LoadLibraryExW
LoadLibraryA
WaitForSingleObject
ReadProcessMemory
GetProcAddress
LoadLibraryA
VirtualProtect
FreeConsole
CreateProcessA
WaitForSingleObjectEx
SleepEx
GetStartupInfoA
CreateProcessW
CreateProcessA
GetSystemTimeAsFileTime
DeviceIoControl
SleepEx
GetStartupInfoW

winmm

DrvGetModuleHandle
OpenDriver
DrvGetModuleHandle
OpenDriver
timeGetDevCaps
GetDriverModuleHandle
timeGetDevCaps
timeGetDevCaps
DrvGetModuleHandle
DrvGetModuleHandle
waveOutReset
OpenDriver
DrvGetModuleHandle
timeGetDevCaps
DrvGetModuleHandle
DrvGetModuleHandle
timeGetDevCaps
DrvGetModuleHandle
timeGetDevCaps
timeGetDevCaps

Sections

.text
Size: 31KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BitDef
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f77f20017c97cdbe114c0ea449165873

Headers

File Characteristics

Imports

kernel32

winmm

Sections

.text Size: 31KB - Virtual size: 68KB

.BitDef Size: 4KB - Virtual size: 4KB

.data Size: 5KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 68KB

.BitDef
Size: 4KB - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB