efab7ff73d0329d92b0316bcf80b6002_JaffaCakes118

General

Target

efab7ff73d0329d92b0316bcf80b6002_JaffaCakes118
Size

296KB
MD5

efab7ff73d0329d92b0316bcf80b6002
SHA1

e3de9823dc395029420e16fa0f26c0b95e031888
SHA256

44a1dc318db9073633b373a97319bc1941e5ef0e2df9e5f8c46b0dd24b146df9
SHA512

a9540185f7d6d0f0f9f21ac7340159a7571d5e84908b010659de70ed35eb7e8f5d644546805ccd04ad8dda5b1687e08a55a51431025a15e66a2798192669c90c
SSDEEP

3072:UG+N2SmHCP8PNCiQISvpTCmGyDXvvdyu4kncyjJf66wT:UG8miO9/cpTCmNDXXnVf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efab7ff73d0329d92b0316bcf80b6002_JaffaCakes118

Files

efab7ff73d0329d92b0316bcf80b6002_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e149948e5c022782bd681189bc22f77f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
IsBadReadPtr
SetLastError
GetProcessHeap
HeapFree
VirtualFree
VirtualProtect
VirtualAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
UnmapViewOfFile
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA
LocalFree
lstrlen
HeapAlloc

msvcr71

_adjust_fdiv
__p__commode
__p__fmode
__setusermatherr
_except_handler3
_mbsdup
__dllonexit
_onexit
_controlfp
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
realloc
bsearch
qsort
fprintf
_iob
setbuf
getenv
atoi
malloc
free
strncmp
strrchr
__p___argv
__p___argc
strncpy
_snprintf
_strcmpi
__set_app_type

user32

GetFocus
MessageBoxA

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TEDATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e149948e5c022782bd681189bc22f77f

Headers

File Characteristics

Imports

kernel32

msvcr71

user32

Sections

.text Size: 7KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 1.7MB

.rsrc Size: 268KB - Virtual size: 272KB

.TEDATA Size: 4KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 1.7MB

.rsrc
Size: 268KB - Virtual size: 272KB

.TEDATA
Size: 4KB - Virtual size: 4KB