151aa4014f71ae96ea19f22e416f2f6c_JaffaCakes118

General

Target

151aa4014f71ae96ea19f22e416f2f6c_JaffaCakes118
Size

285KB
MD5

151aa4014f71ae96ea19f22e416f2f6c
SHA1

eaec4673f0f32a5a070340d04de2fa9a8c8ba649
SHA256

1330127dab44696e071523db7a57c8803f25f957e74ed0f66fe7b9dc26fe4787
SHA512

752f08610ab9bafe9d426025e9700905ecacecffe18af26c9db048794d702368b1b399d9ba70b06567928692f60fcb14e0c1f20019bc0f29e935db09e524aeb0
SSDEEP

6144:sDTKL2CuPJR99+99HsikuG4S2Pk+++ARIOz0ByBvBbjeR:sXKL2CCP99+PHTSwk+QiMZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
151aa4014f71ae96ea19f22e416f2f6c_JaffaCakes118

Files

151aa4014f71ae96ea19f22e416f2f6c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee700f7a25d584bdefac7097d3de3695

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
Sleep
VirtualFree
VirtualAlloc
SetNamedPipeHandleState
DeviceIoControl
SetStdHandle
WaitForMultipleObjectsEx
GetModuleHandleA
GetFileAttributesA
CreateThread
GetProcAddress
TerminateProcess
VirtualFreeEx
GetCurrentProcess
GetCommandLineA
HeapDestroy
LockFileEx
LoadLibraryA
lstrcmpiA
GetLocalTime
RemoveDirectoryA
FreeLibrary
GetVersionExA
GetLastError
GetDriveTypeA
GetVersion
FindResourceA
GetComputerNameA
GetFileInformationByHandle
GetCurrentThread
InterlockedExchangeAdd
GetTimeZoneInformation
GetStartupInfoA
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee700f7a25d584bdefac7097d3de3695

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 261KB - Virtual size: 260KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 23KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 261KB - Virtual size: 260KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 23KB

.rsrc
Size: 6KB - Virtual size: 5KB