0bc19a9dcff0243f82ed8a9f844cd87b_JaffaCakes118

General

Target

0bc19a9dcff0243f82ed8a9f844cd87b_JaffaCakes118
Size

118KB
MD5

0bc19a9dcff0243f82ed8a9f844cd87b
SHA1

a00e0a10634b37994c22ae0633e7bac968d4c96f
SHA256

e73fb7df4038e3065c3a56b5a71238a3deaf7223791624f16e63e9afe1353360
SHA512

cad03b9056326666c788c47a77edb5d32cae1a511c4f61f0ee3667bfdd292fa05a8aa08b4f32565ba46a9d209c0fa758bf099d9aefe4e05e45956354c5634bda
SSDEEP

1536:MX7TNymQh8SPWDOE4eG0ZqsQAKzISUhN/MWmbeRcjfuGDve7mHdZZOGdIn:MPNFH4eGsq/IvxMWm0muGDve7CZbCn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bc19a9dcff0243f82ed8a9f844cd87b_JaffaCakes118

Files

0bc19a9dcff0243f82ed8a9f844cd87b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

543fbfbb4935b7c0716e7a4880730e13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetTickCount
GetStartupInfoA
GetModuleHandleA
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
VirtualAlloc

msvcrt

__getmainargs
exit
__setusermatherr
_atoldbl
_atoi64
_except_handler3
_adjust_fdiv
_exit
__p__fmode
_initterm
_acmdln
_XcptFilter
_access
__set_app_type
_chdir
_c_exit
_cabs
__p__commode
_assert
_beep

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
WmiQueryAllDataMultipleW
RegQueryValueExW

oleaut32

SafeArrayCreate
GetActiveObject
SysFreeString
SysAllocStringByteLen
VariantClear

ws2help

WahWaitForNotification
WahCloseNotificationHandleHelper
WahCompleteRequest
WahCreateHandleContextTable
WahCreateNotificationHandle
WahCloseThread
WahCloseHandleHelper
WahCloseSocketHandle
WahCreateSocketHandle

Sections

.textbss
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

543fbfbb4935b7c0716e7a4880730e13

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

oleaut32

ws2help

Sections

.textbss Size: - Virtual size: 108KB

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 53KB - Virtual size: 53KB

.rsrc Size: 6KB - Virtual size: 6KB

.textbss
Size: - Virtual size: 108KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 53KB - Virtual size: 53KB

.rsrc
Size: 6KB - Virtual size: 6KB