f0206fbf263801a1ad9229130c2f04b1_JaffaCakes118

General

Target

f0206fbf263801a1ad9229130c2f04b1_JaffaCakes118
Size

272KB
MD5

f0206fbf263801a1ad9229130c2f04b1
SHA1

330bc1dfbd1e8d52276bf0c99dc507ca0763cbad
SHA256

57b88609215417178145f3e3461c7e743604d0a77b8caf27f03f4aff72ba79fa
SHA512

9f30a0884330718bcc9186ec077db4168fcf3a8ca08c1c3c5bd48bd63b9d2aebb4549c82226f32539c4b86a392afc31de234984e2742aa37a77c38c5c3ea0a3e
SSDEEP

6144:/H/Fjw+BYqdQnmWYOaiSj5UAA0U6++vCL7D2RPw:/H/Fj/VdOSKAY6P8D2u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0206fbf263801a1ad9229130c2f04b1_JaffaCakes118

Files

f0206fbf263801a1ad9229130c2f04b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4853f9f44b571f7514809889c528303c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineW
GetSystemTimeAsFileTime
SetSystemPowerState
GetCPInfo
FormatMessageA
GetCurrentThread
GetVersionExW
TerminateProcess
CreatePipe
PeekNamedPipe
GetExitCodeProcess
GetEnvironmentVariableW
WinExec
SetUnhandledExceptionFilter
SetErrorMode
DuplicateHandle
GetModuleFileNameA
OpenMutexA
CreateMutexW
CreateMutexA
RemoveDirectoryW
MoveFileW
CreateThread
GetTempFileNameA
GetVersion
LocalAlloc
LocalFree
CloseHandle
SetFilePointer
WriteFile
GetFileSize
CreateFileA
CreateProcessW
Sleep
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetCommandLineA
GetProfileStringW

msvcr71

memset
free
malloc
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp

Exports

Exports

isanarruskwjsxhuv
xhmphuagq
xlavcxcchtcjanoztx

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4853f9f44b571f7514809889c528303c

Headers

File Characteristics

Imports

kernel32

msvcr71

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 90KB - Virtual size: 327KB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 90KB - Virtual size: 327KB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 4KB - Virtual size: 4KB