fcc679981e057c1adce1924185427211_JaffaCakes118

General

Target

fcc679981e057c1adce1924185427211_JaffaCakes118
Size

54KB
MD5

fcc679981e057c1adce1924185427211
SHA1

a52257ee0810702c55541140d511da2c17aca08f
SHA256

e5e36e5bd00e4687891ea07a735c621e3fd7b0ccdcd06571a09f0c68f8d6094d
SHA512

ece99136dd8d6ffe9c56f9b1035fdde275de73526176a4595a3b362eae086a530ca0f5d328019b57a943e36ef4a6b52109ec8100be65210aef76315cca66f689
SSDEEP

768:Ra5IR81rPC4Q5qxPsuORCTzeuE4uIf6s/ubEKA3ukqxjZJ8qkUizUR:RCIR8xPC4QqE1/ANuCek+Yt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcc679981e057c1adce1924185427211_JaffaCakes118

Files

fcc679981e057c1adce1924185427211_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7228fa01d2493db2cec7a17804ac823

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mssign32

DllRegisterServer
DllUnregisterServer
FreeCryptProvFromCert
GetCryptProvFromCert
PvkFreeCryptProv
DllRegisterServer
DllUnregisterServer
FreeCryptProvFromCert
GetCryptProvFromCert
PvkFreeCryptProv
DllRegisterServer
DllRegisterServer
DllRegisterServer

kernel32

VirtualAlloc
GetSystemDirectoryA
TlsFree
GetDiskFreeSpaceW
CreateFileA
GetSystemInfo
ReadFile
GetACP
TlsFree
TlsFree
ReplaceFileA
IsProcessInJob
GlobalFree
DeleteAtom
CreatePipe
DuplicateHandle
EncodePointer
GlobalFree
DeleteAtom
EnterCriticalSection
FreeLibrary
GetThreadLocale
FindNextFileA
GetModuleHandleW
GetFileTime
SetComputerNameW
LockFileEx
ExitProcess
AllocConsole
GetThreadTimes
ReleaseMutex
HeapWalk
LCMapStringW
IsValidLocale

odbc32

CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData
CloseODBCPerfData

Sections

.text
Size: 512B - Virtual size: 419B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c7228fa01d2493db2cec7a17804ac823

Headers

File Characteristics

Imports

mssign32

kernel32

odbc32

Sections

.text Size: 512B - Virtual size: 419B

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 45KB - Virtual size: 48KB

.DATA Size: 512B - Virtual size: 16KB

.text
Size: 512B - Virtual size: 419B

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 45KB - Virtual size: 48KB

.DATA
Size: 512B - Virtual size: 16KB