143810c6f9ffeea43c0631d0d96cc398_JaffaCakes118

General

Target

143810c6f9ffeea43c0631d0d96cc398_JaffaCakes118
Size

148KB
MD5

143810c6f9ffeea43c0631d0d96cc398
SHA1

100bb5d4b45a760dfe307f739f1476bb4bf3d417
SHA256

4313bd7794c912b4a94fa11431247ff44c7147b240c42ac9776ccf0e4c8014e5
SHA512

35a5dfceef32a4857b74a383f70b910891340669b482c82d235c452848c35c3f90e052a609c8237c055a9e2a435920ab3b46f10ed6ddf4874b79cd606c3ca24f
SSDEEP

3072:0kdn1F1Bs3W8OcckE8ZMSxb16Fn0U1wPz3IEeD457ydCeGeHMn:0Gz1UpV9KSqx0UW7heDYs+b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
143810c6f9ffeea43c0631d0d96cc398_JaffaCakes118

Files

143810c6f9ffeea43c0631d0d96cc398_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9c09b7965df6dbeb6a431f3f20f7085

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumLanguageGroupLocalesW
GetDevicePowerState
EnumSystemCodePagesA
EnumDateFormatsA
IsBadWritePtr
SetSystemTime
GetStringTypeW
GetNumberFormatW
Thread32First
WritePrivateProfileSectionA
GetCurrencyFormatW
_hwrite
SetDefaultCommConfigW
GetCurrentProcessId
LCMapStringW
FindFirstVolumeMountPointW
GetStartupInfoA
GetModuleHandleA

msvcrt

__p__fmode
_initterm
_acmdln
_controlfp
_except_handler3
_XcptFilter
__setusermatherr
_adjust_fdiv
exit
__getmainargs
__set_app_type
__p__commode
_exit

user32

EnumPropsExA
CallMsgFilterA
GetMenuItemInfoA
CloseWindowStation
SetWindowsHookExA
DlgDirSelectExA
LoadAcceleratorsA
GetTopWindow
SetCursor
VkKeyScanW
DdeConnectList
UnpackDDElParam
DdeReconnect
GetQueueStatus
DefWindowProcA
DdeQueryConvInfo

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9c09b7965df6dbeb6a431f3f20f7085

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 5KB - Virtual size: 88KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 5KB - Virtual size: 88KB

.rsrc
Size: 8KB - Virtual size: 7KB