efe45614d9164115be7475e21daaa45d_JaffaCakes118

General

Target

efe45614d9164115be7475e21daaa45d_JaffaCakes118
Size

231KB
MD5

efe45614d9164115be7475e21daaa45d
SHA1

14717627e65e080d50bbc163f5abff5d4a89a28c
SHA256

2c3c1e2f1389dbc3412f5f7cbf93c3d5cdbf1445654377068097f9f9d6367506
SHA512

a15695ca061e0a7491a4b70288684c5915d1e7b756e78ef3b5dae6df68b3f4422d9f90f4ce049c534a5d867687e3de3ef01a6ace9ec4b0adfb50a5cddf592f3b
SSDEEP

6144:G/0gzpylj6H2M08iJcD97EhWrlE8KoglpWPKwhDYrqr:xgc8TOx8Ko6pWiwimr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efe45614d9164115be7475e21daaa45d_JaffaCakes118

Files

efe45614d9164115be7475e21daaa45d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1929e980cec967245e0b5ff8a10a8b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EndUpdateResourceA
GetCommandLineW
CancelIo
DebugActiveProcess
FindFirstFileExW
ReadConsoleOutputA
SetUnhandledExceptionFilter
FindNextFileW
SetConsoleTitleW
GetEnvironmentStringsW
FindResourceExW
SetThreadPriorityBoost
GetExitCodeProcess
SetCalendarInfoW
GetWindowsDirectoryW
GlobalSize
GetShortPathNameA
lstrcatW
GetFileType
GetDriveTypeA
InitializeSListHead
GetVolumeInformationA
GetSystemTimeAsFileTime
GetLongPathNameA
WriteProfileStringW
GetCommProperties
SetFilePointer
EnumResourceTypesW
GetCommState
WriteConsoleW
HeapCreate
EndUpdateResourceW
VerifyVersionInfoW
BuildCommDCBAndTimeoutsA
BuildCommDCBW
VirtualAlloc
GetNamedPipeInfo
SetHandleInformation
FindFirstFileW
QueryPerformanceFrequency

Exports

Exports

YvAvv
YvBpr
YvEpz
YvFz
YvIzd
YvLtlj
YvLxc
YvPhg
YvXfn
YvXvnx
YvYrbhd

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1929e980cec967245e0b5ff8a10a8b6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 43KB - Virtual size: 43KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 43KB - Virtual size: 43KB

.reloc
Size: 15KB - Virtual size: 15KB