006fa11e74632a9f78c0006c8dd72150_JaffaCakes118

General

Target

006fa11e74632a9f78c0006c8dd72150_JaffaCakes118
Size

179KB
MD5

006fa11e74632a9f78c0006c8dd72150
SHA1

24c27ea93f4b72ff7c9f5d30b327b6ff7f22a13b
SHA256

07c0f7d24930c1418ad0b529a52c6a6262a9652acdd2b1400f61f19ed3b467f0
SHA512

e3afeb6108df038d128100bb92ec44cf8ebe883bcf5f3ca3f0979f998a6e294428cbaf15438b60e9ef3f704fc8ea371888fe2225221cc533fc828c4a075869e4
SSDEEP

3072:WOaF/FCBP2t7/CTIYHc+tUHoO9JPu3rYkFzYytHwG56p4zk:WvCBP2tultkoGP+EkFkUHL6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
006fa11e74632a9f78c0006c8dd72150_JaffaCakes118

Files

006fa11e74632a9f78c0006c8dd72150_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b2ed52e1bfd61fc9699355c244689a69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FoldStringW
GetLocalTime
HeapReAlloc
SetDefaultCommConfigA
CancelIo
InitializeCriticalSection
CreateTimerQueueTimer
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
Sleep
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
IsProcessorFeaturePresent
MultiByteToWideChar
LoadLibraryW
HeapAlloc
FlushFileBuffers
LCMapStringW
GetStringTypeW
SetStdHandle
WriteConsoleW
ReadFile
HeapSize
CloseHandle
CreateFileW

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2ed52e1bfd61fc9699355c244689a69

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 22KB - Virtual size: 30KB

.rsrc Size: 91KB - Virtual size: 90KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 22KB - Virtual size: 30KB

.rsrc
Size: 91KB - Virtual size: 90KB

.reloc
Size: 4KB - Virtual size: 3KB