01d0cc370bcd8ca060dc33ef0091aa2a_JaffaCakes118

General

Target

01d0cc370bcd8ca060dc33ef0091aa2a_JaffaCakes118
Size

250KB
MD5

01d0cc370bcd8ca060dc33ef0091aa2a
SHA1

dd79d00688c9574f87b0e4305835e76736c3d1eb
SHA256

e351554f4d2467283703ee9a4ba38b73a3a3d2297c8f3a876efa616f18649852
SHA512

c864188b824341d90379887df085a6c32496e267ae49ee9cdd2971a55b2fc292619166e53421385f5c7634860f47d91d8f1c8b78731e12c81a5cc72cacbfbc2a
SSDEEP

6144:j+2fo3LYhepHhv1+QKnlLD2dESM+XL/9VMdBjYAbpBv:j+73kEHN+1nlP2egXTsRvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01d0cc370bcd8ca060dc33ef0091aa2a_JaffaCakes118

Files

01d0cc370bcd8ca060dc33ef0091aa2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef6baa5709a23e40d95b343016784228

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
LCMapStringW
MultiByteToWideChar
VirtualFree
GetProcAddress
SetConsoleCtrlHandler
HeapReAlloc
WriteFile
GetCurrentThread
HeapDestroy
GetCurrentProcessId
HeapAlloc
EnumSystemLocalesA
GetStartupInfoA
TlsFree
GetModuleHandleA
SetEnvironmentVariableA
GetProfileSectionA
AllocConsole
TlsAlloc
GetStringTypeA
IsValidCodePage
GetEnvironmentStringsW
IsDebuggerPresent
SetLastError
EnterCriticalSection
GetUserDefaultLCID
CompareStringW
GetStringTypeExW
ExitProcess
GetTickCount
CompareStringA
IsValidLocale
HeapFree
GetLocaleInfoW
GetModuleFileNameA
InterlockedDecrement
LoadLibraryA
QueryPerformanceCounter
GetLocaleInfoA
VirtualAlloc
OutputDebugStringA
GetDateFormatA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetModuleFileNameW
GetStartupInfoW
GetTimeFormatA
TlsGetValue
FoldStringW
LeaveCriticalSection
GetFileType
GetSystemTimeAsFileTime
GetModuleHandleW
GetACP
lstrlenW
GetOEMCP
GetStdHandle
FreeLibrary
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedIncrement
FreeEnvironmentStringsW
GetStringTypeW
TlsSetValue
DeleteCriticalSection
LCMapStringA
WideCharToMultiByte
GetTimeZoneInformation
GetCompressedFileSizeW
InterlockedExchange
HeapSize
HeapCreate
GetLastError
Sleep
GetCommandLineW
GetCPInfo
SetHandleCount

advapi32

RegNotifyChangeKeyValue
RegOpenKeyExA
LookupAccountSidA
CryptEnumProviderTypesA

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef6baa5709a23e40d95b343016784228

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 114KB - Virtual size: 127KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 114KB - Virtual size: 127KB

.rsrc
Size: 9KB - Virtual size: 8KB