0405e7f3e5f7fae934b5a70b3a66c5fe_JaffaCakes118

General

Target

0405e7f3e5f7fae934b5a70b3a66c5fe_JaffaCakes118
Size

279KB
MD5

0405e7f3e5f7fae934b5a70b3a66c5fe
SHA1

baa80acf2ab5fc6777b7b57d5860a20558685796
SHA256

154cd31c72cd2f51b9653e9b87c41c493b342686cc69b53519c398c096496543
SHA512

5291dc7e7d8d3a999bd57369232e0d229f4d64b811972f6a757800fbd8d8dc361d2ea5f43221ab5ddc72d708331234bed1d0671908c74c73c932b25752bc8e8f
SSDEEP

6144:J2Jpfs7MOEbfBH9SFndkQBkUmD9433FldB8ILnDN7C:UYMO0BH9SFdkbep7L9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0405e7f3e5f7fae934b5a70b3a66c5fe_JaffaCakes118

Files

0405e7f3e5f7fae934b5a70b3a66c5fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f66b0579bc52b1dd83f2647e45a0102d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetCommandLineA
GetLogicalDriveStringsA
LocalReAlloc
GetUserGeoID
LockFile
FreeResource
QueueUserWorkItem
FindResourceW
_lread
GetProcessHeap
LoadResource
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableA
SetEnvironmentVariableW
_lclose
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetProcAddress
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InterlockedDecrement
InterlockedIncrement
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ygwgkgs
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

acawsg
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wggkus
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f66b0579bc52b1dd83f2647e45a0102d

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 25KB - Virtual size: 25KB

ygwgkgs Size: 190KB - Virtual size: 190KB

acawsg Size: 19KB - Virtual size: 20KB

wggkus Size: 43KB - Virtual size: 42KB

.text
Size: 25KB - Virtual size: 25KB

ygwgkgs
Size: 190KB - Virtual size: 190KB

acawsg
Size: 19KB - Virtual size: 20KB

wggkus
Size: 43KB - Virtual size: 42KB