0e397eb70108e4bc105075f9bd63beb7_JaffaCakes118

General

Target

0e397eb70108e4bc105075f9bd63beb7_JaffaCakes118
Size

304KB
MD5

0e397eb70108e4bc105075f9bd63beb7
SHA1

2655245e7fa6acd8542745787667c83c50ce6a65
SHA256

f5df2c5f64db171a5579a6d74b3f7f649f617ffec7dd3f16e1b11a087549fdff
SHA512

9d3aa4b0c1488a21ffbb01337310e49adf19aa915f976e19b314f06eaafa6e9f68fcbd66b5307df0732069e153351c0e3cd5adeff6edc840fb6f3a271bc18925
SSDEEP

6144:xZZ25vUXV4q9MLBts1iZPi0NZ/Tig3RtwbmE:rZKvUlH2s10J9pHE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e397eb70108e4bc105075f9bd63beb7_JaffaCakes118

Files

0e397eb70108e4bc105075f9bd63beb7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5812d7ecbd7d4f477fbad7a7a16b21c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetConsoleOutputCP
DisableThreadLibraryCalls
InterlockedDecrement
MultiByteToWideChar
FreeLibrary
WideCharToMultiByte
ExpandEnvironmentStringsW
LoadLibraryW
GetProcAddress
HeapFree
RaiseException
SetLastError
FormatMessageW
CloseHandle
InterlockedExchange
Sleep
InterlockedCompareExchange
GetModuleHandleA
GetStartupInfoA
GetProcessHeap
GlobalFree
GetCommandLineA
GlobalAlloc
GetLastError
VirtualProtect

user32

wsprintfW

advapi32

RegQueryValueExA
RegEnumKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA

ole32

CoTaskMemFree
StringFromCLSID
CLSIDFromString
CoUninitialize

msvcr71

_adjust_fdiv
_controlfp
_onexit
__dllonexit
_except_handler3
fprintf
__set_app_type
_wcsdup
wcscpy
wcscat
wcsncmp
wcschr
wcslen
wcsncpy
wcsspn
wcstok
sprintf
iswctype
wcscmp
wcstol
wcsncat
wcsstr
wcstoul
free
memset
towlower
memcpy
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
__p__commode
__p__fmode

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5812d7ecbd7d4f477fbad7a7a16b21c3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcr71

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 264KB - Virtual size: 526KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 264KB - Virtual size: 526KB

.rsrc
Size: 4KB - Virtual size: 1KB