f08fc33b73479f996c7ba72bc55aa030_JaffaCakes118

General

Target

f08fc33b73479f996c7ba72bc55aa030_JaffaCakes118
Size

262KB
MD5

f08fc33b73479f996c7ba72bc55aa030
SHA1

f0b91a30f69f099555b051ac72c7ab4dbb5c58f9
SHA256

37cb6ba47635a19a0211ed04e5fbe8209d061669cb8defe7077fa6d922de887a
SHA512

7bc08d3caa2f1a25829bae79bc6d6471973e9a6b34478b584a4046e3d07ed6f8afab727a8d04cce2a9e3286299d7373f9b035df6bf2adf4b6a5bfbb7406e8862
SSDEEP

6144:PBv9ecPyvWK2Ri8o48LVXq/oRE1X5jwnNOA:Pd0cR5F8LVXq/o6J0nQA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f08fc33b73479f996c7ba72bc55aa030_JaffaCakes118

Files

f08fc33b73479f996c7ba72bc55aa030_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b0cbb950f5e711e468593e4e157181c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
SetFilePointer
Sleep
RemoveDirectoryW
CreateFileMappingA
HeapFree
GetDiskFreeSpaceExA
VirtualProtect
CreateToolhelp32Snapshot
SetFilePointerEx
CreateProcessW
SetPriorityClass
GetOverlappedResult
GetTempPathA
VirtualAlloc
CopyFileExA
GetCommandLineA
GetDriveTypeA
GetFileType
SetCurrentDirectoryA
GetSystemTimeAsFileTime
GetProcessTimes
GetModuleHandleA
SearchPathA
SystemTimeToFileTime
GetPrivateProfileIntA
Module32First
MoveFileA
VirtualFree
GetStartupInfoA
Sleep
LockResource
TlsFree
GetProcAddress
MoveFileWithProgressW
GetLongPathNameA
GetSystemDefaultLCID
GetWindowsDirectoryA
LoadLibraryA
SetHandleCount
QueryPerformanceCounter
CreateFileW
SetEvent
GetThreadPriority
IsDebuggerPresent
CreateDirectoryExW
GlobalSize
lstrcmpA
FindFirstChangeNotificationA
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
InitializeCriticalSection
SetFileTime
GetVersionExA
CreateDirectoryA
CreateDirectoryExA
VirtualQuery
GetSystemTime
GetTempPathW
MoveFileExW
HeapCreate
InterlockedDecrement
GetFileSizeEx
WideCharToMultiByte
GetPrivateProfileStringA
GetCommandLineW
OpenMutexA
WritePrivateProfileStringA
OutputDebugStringA

ntdll

NtOpenEvent
RtlCreateTimer
NtSetSystemInformation
RtlFreeUnicodeString
RtlCompareUnicodeString
NtQuerySection
ZwQueryInformationThread
NtProtectVirtualMemory

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0cbb950f5e711e468593e4e157181c9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

Sections

.text Size: 190KB - Virtual size: 190KB

.data Size: 68KB - Virtual size: 67KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 190KB - Virtual size: 190KB

.data
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 5KB - Virtual size: 8KB