0d2cf701e6d2ed73c10e07aa34f8d542_JaffaCakes118

General

Target

0d2cf701e6d2ed73c10e07aa34f8d542_JaffaCakes118
Size

274KB
MD5

0d2cf701e6d2ed73c10e07aa34f8d542
SHA1

225a9f0528fd33f2e07786ff95cfd8e67a16ba03
SHA256

b7340dc7527086ca623044d1825a1510376f4759e4fa7fd8bbf81dd82997bef5
SHA512

2300e36c1194afa026fee09a7085db54696929efeb3b034c7b34f5ff86f93d903c0fbbdaf30d828770a0992d76922ca69c1b28338bf5180cb4650ddc14ca7e01
SSDEEP

6144:kX0WpRFfYRTHW0h5PYIPWjDeFQcTLNjn66svzbUyOfhW5v4us1vv5vF:v+nfYRqkBYIPQk1TLtn6prehW5fs1vBt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d2cf701e6d2ed73c10e07aa34f8d542_JaffaCakes118

Files

0d2cf701e6d2ed73c10e07aa34f8d542_JaffaCakes118
.exe windows:4 windows x86 arch:x86

102366edd359c74112d0b394248beda2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
InitializeCriticalSection
OutputDebugStringA
SetStdHandle
UnlockFileEx
LockFile
WriteFileEx
GetCurrentThread
CreateThread
GetProcAddress
LoadLibraryA
VirtualAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
WideCharToMultiByte
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
HeapReAlloc
FlushFileBuffers
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

102366edd359c74112d0b394248beda2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 251KB - Virtual size: 250KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 14KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 251KB - Virtual size: 250KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 14KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 4KB