00c76f0698b6586b923734688ec41804_JaffaCakes118

General

Target

00c76f0698b6586b923734688ec41804_JaffaCakes118
Size

144KB
MD5

00c76f0698b6586b923734688ec41804
SHA1

d2131bf7a10646f14c6392eae68676bb5744bb6e
SHA256

70628181c4748ffd5858d81d17fa053372711c3791403cb88d7656a2fc9cf003
SHA512

0519eab3ea1e394959abbbb0bc078f052b4594bd8dee4f4834056e2994cbdff7a34f5594e0ef56e47be88b381e4e95d4c9e1c77b2f40894d88bba13187e3afd8
SSDEEP

3072:206bbiKYsU/26lmeCvQnoUBqKWcKIdfUfCjqD4HAT+6iQpa:E7k2xeCYoIWcv1/sza

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00c76f0698b6586b923734688ec41804_JaffaCakes118

Files

00c76f0698b6586b923734688ec41804_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b950c789ec10f8980268b3906fe3d970

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GlobalWire
GetModuleHandleA
EnumUILanguagesA
InterlockedExchangeAdd
EnumSystemLocalesW
GetStartupInfoA
CreateRemoteThread
GetExitCodeProcess

msvcrt

_fileinfo
__getmainargs
_ungetwch
__p__fmode
_atodbl
_adj_fpatan
_strnicmp
_exit
__setusermatherr
_acmdln
exit
_mbslen
_ismbbpunct
_wcmdln
fopen
__set_app_type
_except_handler3
fscanf
_aligned_realloc
_controlfp
_adjust_fdiv
_initterm
_mbsrchr
__p__commode
_wcreat
_wputenv
_XcptFilter
_wfopen

user32

DdeFreeDataHandle
CheckMenuItem
OemToCharA
EnumPropsW
GetQueueStatus
SetPropW
IsCharUpperW
BringWindowToTop
SendIMEMessageExA
IsIconic

gdi32

SetColorSpace
TextOutW
EnableEUDC
SetLayout
EndDoc
DeleteEnhMetaFile
DrawEscape

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b950c789ec10f8980268b3906fe3d970

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 512B - Virtual size: 88KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 512B - Virtual size: 88KB

.rsrc
Size: 7KB - Virtual size: 7KB