ef8554373a2cc64f2595e6d777b95f9d_JaffaCakes118

General

Target

ef8554373a2cc64f2595e6d777b95f9d_JaffaCakes118
Size

143KB
MD5

ef8554373a2cc64f2595e6d777b95f9d
SHA1

28610c5488cc29a7c5bba2c36c1763b459ff3fef
SHA256

635d32a6dd71e8bfea7d31d35c54ba7e8a5fd57f33167a111ad4111f7be2a6d2
SHA512

c2a1163f0bd2069d4867f26f0829c0099d89e90c73eb59b6f9a05051c48b25b9a284e1c0c2306d71cc8c7882094301b4f1d9a2ebeaf7cf761456f9aafc6a68d9
SSDEEP

1536:Yvv4lK/lMmExmipmkF1gSaWWNkRD7JbqRqGN6Pp7sPlaxK5Gb+kv4ds4nXd1HdvK:1ySxlwS5WNOc6ta15zkv587H5c+YMlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef8554373a2cc64f2595e6d777b95f9d_JaffaCakes118

Files

ef8554373a2cc64f2595e6d777b95f9d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a1bda55ea7f71557942d74a12928eef5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
CreateThread
GetVersionExA
GetEnvironmentVariableA
MulDiv
IsDebuggerPresent
SetLastError
RaiseException
GetConsoleCP
WaitForSingleObject
MultiByteToWideChar
InitializeCriticalSection
UnhandledExceptionFilter
GetStartupInfoA
GlobalAddAtomA
GetProcAddress
GetTickCount
GetModuleHandleA
GetVersion
lstrcpyA
CreateEventW
GetFileType
TlsAlloc
ResetEvent
SetEvent
TlsGetValue
HeapFree
GetSystemInfo
GetFileAttributesA
PulseEvent
QueryPerformanceFrequency
lstrcatA
FileTimeToSystemTime
GetConsoleMode
GetLocaleInfoA
QueryPerformanceCounter
GetCurrentThreadId
HeapAlloc
GlobalAlloc
LeaveCriticalSection
LockResource
HeapCreate
TlsSetValue

msvcrt

longjmp
_initterm
_vscprintf
exit
_dup
_ui64toa
_controlfp
_wunlink
_ismbclegal
_acmdln
_except_handler3
fsetpos
_waccess
__getmainargs
sinh
ftell
_adjust_fdiv
_mbsicoll
vfwprintf
_heapmin
_wtmpnam
iswpunct
wcsspn
_fpreset
__setusermatherr
_XcptFilter
_mbsbtype
_wtoi64
memcpy
_creat
wcsftime
_exit
__p__fmode
memset
_outp
_cscanf
_longjmpex
strspn
setvbuf
_mbsstr
_heapadd
__p__commode
_chgsign
_wutime64
signal
_cgetws
_mbsdup
_sleep
__set_app_type

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1bda55ea7f71557942d74a12928eef5

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 129KB - Virtual size: 129KB

.data Size: 512B - Virtual size: 142B

.rsrc Size: 512B - Virtual size: 124B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 129KB - Virtual size: 129KB

.data
Size: 512B - Virtual size: 142B

.rsrc
Size: 512B - Virtual size: 124B