0f79e7f137f5b513f685b4e7eb8555ab_JaffaCakes118

General

Target

0f79e7f137f5b513f685b4e7eb8555ab_JaffaCakes118
Size

532KB
MD5

0f79e7f137f5b513f685b4e7eb8555ab
SHA1

18a8cb4ad4d0226b1b7e2c01d21e0e01943a4729
SHA256

a8731c10ce3b4e3856fec322e398adc8890c3e71d9d2722a149c2bf04e594398
SHA512

5829754a7c8a4138dbe7464cde0155f4a1679af7d3f6e40a74fe3a47ff4d891e3103a24c8ed89252519eb8c40440084da1d9184970582e480516be5037cdb05d
SSDEEP

6144:+pQH1gdUkZMpvAvzwQWw1Zm2MIgZQ2yLwVpZBERmsKF+cmXsu2hHk:+pQ2+UsfFEiFTmX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f79e7f137f5b513f685b4e7eb8555ab_JaffaCakes118

Files

0f79e7f137f5b513f685b4e7eb8555ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81edfd50dc463a162b170373e902cbc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadContext
PurgeComm
HeapAlloc
GetConsoleCommandHistoryA
GetConsoleKeyboardLayoutNameA
VirtualAllocEx
SetVolumeLabelA
GlobalMemoryStatusEx
IsBadStringPtrA
WaitNamedPipeA
EnterCriticalSection
WritePrivateProfileSectionA
ConvertDefaultLocale
GetEnvironmentStringsA
TerminateThread
DisconnectNamedPipe
SetProcessPriorityBoost
CreateSocketHandle
ReleaseSemaphore
OpenFileMappingA
HeapCreate
TransmitCommChar
GetSystemTimeAdjustment
HeapReAlloc
GetFileSizeEx
GetDiskFreeSpaceA
ChangeTimerQueueTimer
GetStdHandle
GetPrivateProfileIntA
FindNextVolumeMountPointA
RegisterWaitForSingleObjectEx
GetFileAttributesA
UpdateResourceA
ResetEvent
WriteConsoleInputA
GetSystemDirectoryA
BuildCommDCBA
GetProcessPriorityBoost
MapViewOfFileEx
CancelWaitableTimer
GetComputerNameExA
GlobalLock
HeapDestroy
GetVersionExA
ProcessIdToSessionId
TerminateJobObject
GetConsoleTitleA
LeaveCriticalSection
OpenProcess
UpdateResourceA

advapi32

AdjustTokenPrivileges
RegCloseKey

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 424KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81edfd50dc463a162b170373e902cbc9

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: - Virtual size: 4KB

.itext Size: 424KB - Virtual size: 688KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: - Virtual size: 4KB

.itext
Size: 424KB - Virtual size: 688KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 100KB - Virtual size: 100KB