06675c0e3efb7d32baf9cfe1c4710d10_JaffaCakes118

General

Target

06675c0e3efb7d32baf9cfe1c4710d10_JaffaCakes118
Size

276KB
MD5

06675c0e3efb7d32baf9cfe1c4710d10
SHA1

802394e6ef4224d76b11c92b8075b8e55baa43c6
SHA256

1cf0c74ac4f5be75f9f21e32215c2d51e2892a5677e98ca6cc42a4b37e663ed3
SHA512

f1ee95a93782749e4e9d6d354d61546ae3d1abffee250c4ef6ec05d259a47d27308a08cee0c3adea1892d10707bafc764744de1c601263ef8d294f0c8f50579a
SSDEEP

6144:EHajzPW/UKwGmBJDWMD9h2el5b7/u9RXq8puVB35MK0+:UanPW8fGmLDWM5hnl5b7/8RgVBJMKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06675c0e3efb7d32baf9cfe1c4710d10_JaffaCakes118

Files

06675c0e3efb7d32baf9cfe1c4710d10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f717378713d03ab933b8c3ad8e9b9b78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
Sleep
GetModuleFileNameA
DeleteFileA
CreateFileA
ExpandEnvironmentStringsA
SetUnhandledExceptionFilter
FlushFileBuffers
SetFileTime
FileTimeToSystemTime
GetFileTime
GetLastError
CreateDirectoryA
HeapFree
HeapAlloc
GetProcessHeap
GetStringTypeW
GetStringTypeA
SetEndOfFile
ReadFile
WriteFile
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
DeleteCriticalSection
SetFilePointer
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW

shell32

ord680

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f717378713d03ab933b8c3ad8e9b9b78

Headers

File Characteristics

Imports

kernel32

shell32

iphlpapi

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 228KB - Virtual size: 225KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 228KB - Virtual size: 225KB