0d47459378514b7fc832a68a73a9784b_JaffaCakes118

General

Target

0d47459378514b7fc832a68a73a9784b_JaffaCakes118
Size

204KB
MD5

0d47459378514b7fc832a68a73a9784b
SHA1

e506c6fe16d4ec23200287717fb24676b97353dc
SHA256

678690d3eed36d8eb47319731f47996ac64b09402964a6f981c1d55a09e21da5
SHA512

6a08b3b9b7fd8936aff173fc089062ee1dd2cf5ab6dda6ff3161373a9f4359d091eae784a8c899e10c447ecf7912b37ba6d27c70481f46e9322c1d1c22daeca4
SSDEEP

6144:ev+KmwhQL8tDIRIwvwDos8mWeeRe1/Z5cFcRza:++KZhp5I96h8T9Re9ZaCRG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d47459378514b7fc832a68a73a9784b_JaffaCakes118

Files

0d47459378514b7fc832a68a73a9784b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

38e64cfe2e34f0111fc7b3e0d1d294bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
InterlockedIncrement
GetCurrentThread
GetSystemTime
GetTickCount
GetCommandLineA
TlsAlloc
GetVolumeInformationA
GetCurrentProcessId
CompareFileTime
GetSystemWindowsDirectoryA
GetStartupInfoW
GetModuleHandleA
GetModuleFileNameA
IsValidCodePage
GetCurrentDirectoryA
CreateEventA
QueryPerformanceCounter
CreateMutexA
GetProcAddress
GetModuleHandleW
GetCurrentProcess
InterlockedDecrement
GetModuleFileNameW
GetLocalTime
GetCurrentThreadId
GetStartupInfoA

advapi32

RegCloseKey
GetUserNameW
RegQueryValueExA
RegOpenKeyExA

user32

CharUpperW

shlwapi

PathCommonPrefixW
PathStripToRootA

msvcrt

__getmainargs
__dllonexit
_controlfp
_except_handler3
wcsstr
memcpy
memset
_exit
_XcptFilter
exit
_acmdln
_onexit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38e64cfe2e34f0111fc7b3e0d1d294bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

msvcrt

Sections

.text Size: 199KB - Virtual size: 198KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 181KB

.rsrc Size: 1024B - Virtual size: 672B

.text
Size: 199KB - Virtual size: 198KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 181KB

.rsrc
Size: 1024B - Virtual size: 672B