00ba2e92353dea883188e69f9bb17eb4_JaffaCakes118

General

Target

00ba2e92353dea883188e69f9bb17eb4_JaffaCakes118
Size

85KB
MD5

00ba2e92353dea883188e69f9bb17eb4
SHA1

cb493db3a12328682a80b72ed8ebfc95448d955f
SHA256

e9797d9b2a9954745f24471e95fe36faea9bf3b19d0e74cd7d4b21af474c774e
SHA512

a4d27f3d76794d09c3ccb05c97db087f2a68cdb373d84602ddc1c989057a76b4d2d48e19b0946dc2cba892ae60e16c8e9f8dafdd3bb53d45f5c2d4f76dd0aae0
SSDEEP

1536:B/5WNxvWgKb4iWGhavCvYKK48xTyBxpaD5zlHDFWrYcfkBr9ZkFyxNS:B/5WNDKbvWGhavCAe8dyB2D5J8PS8ow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00ba2e92353dea883188e69f9bb17eb4_JaffaCakes118

Files

00ba2e92353dea883188e69f9bb17eb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2851cab21f86fc9904f75a8c74b95759

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFiber
GetFileSize
GetPrivateProfileStringA
GetLastError
SearchPathW
EraseTape
GetEnvironmentVariableA
DeleteFileW
CreateDirectoryA
MoveFileA
LoadResource
GetShortPathNameW
CallNamedPipeA
GetCurrentProcess
EnumResourceLanguagesA
GetCommandLineW
SetLastError
GetModuleHandleA

msvcrt

qsort
_heapchk
_wutime64
_c_exit
memcpy
__p__commode
_mbsncmp

winmm

midiInClose
timeKillEvent
joyGetPosEx
mmioAdvance
waveInOpen
mciSetDriverData
mmioInstallIOProcA
waveInReset
midiStreamClose
joyGetThreshold
mciSendCommandA
waveInGetErrorTextW
waveInGetDevCapsW
waveInGetPosition

opengl32

glVertex2f
glViewport
glLightf
glColor3uiv
glRectf
glRasterPos2s
glRasterPos3i
glNormal3i
glPopName
glLightModeli
glLightiv
glEvalCoord2dv
wglUseFontBitmapsA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2851cab21f86fc9904f75a8c74b95759

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

winmm

opengl32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 75KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 30B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 75KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 30B