ef60121099754fda0908867f7b58c5e3_JaffaCakes118

General

Target

ef60121099754fda0908867f7b58c5e3_JaffaCakes118
Size

176KB
MD5

ef60121099754fda0908867f7b58c5e3
SHA1

24e57a931dc6fa15ed33dd410f4cfccc5ad0b5ee
SHA256

912a5fc6f834551282b6a522a852d8323bb1946ce094b0aad498cef735e17656
SHA512

9e0cd7c57f66d2287bd8cb9fe18968c1d7a0a61c7df134fda4944543fca799d4aea2356456e4700d7d6533e5dedb28cbafe4735f6dce4e2cb733d80fa66c9a0c
SSDEEP

3072:TYEROFLyOcz6fHcALi1lr+rdN1hB87fTIwHCX0SAWacMh4YaM5iRqHZzibwte8AP:TY3F+OlJi1N+rtWFspQXeqRMXP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef60121099754fda0908867f7b58c5e3_JaffaCakes118

Files

ef60121099754fda0908867f7b58c5e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

503668dcc0063cef7926cab3058bcc78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
DeleteCriticalSection
GetLocalTime
CreateFileA
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
RemoveDirectoryW
FindFirstFileW
FindNextFileW
TlsGetValue
TlsAlloc
GetCurrentProcess
GetProfileStringW
LocalAlloc
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
ReadFile
SetEndOfFile
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
WideCharToMultiByte
GetStartupInfoW
GetVersion
ExitProcess
GetLastError
CloseHandle
WriteFile
TerminateProcess
SetFilePointer
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
SetEnvironmentVariableA

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

wininet

InternetSetOptionA
InternetConnectA
InternetReadFile
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

503668dcc0063cef7926cab3058bcc78

Headers

File Characteristics

Imports

kernel32

winspool.drv

wininet

Sections

.text Size: 148KB - Virtual size: 144KB

.data Size: 20KB - Virtual size: 363KB

.rsrc Size: 4KB - Virtual size: 952B

.text
Size: 148KB - Virtual size: 144KB

.data
Size: 20KB - Virtual size: 363KB

.rsrc
Size: 4KB - Virtual size: 952B