17d11fee5f2fb6b2bca1262dd0ccb541_JaffaCakes118

General

Target

17d11fee5f2fb6b2bca1262dd0ccb541_JaffaCakes118
Size

1.9MB
MD5

17d11fee5f2fb6b2bca1262dd0ccb541
SHA1

cef0ac584d0efce62ac3a89febaa226823972b42
SHA256

7873cdb0613d5e79da3f2e7beebc9b7e5487fd14bc10eae7d4bd85d4a4ee4b56
SHA512

3f0e7730e8bb7505dabf747e66e536d144c66c137e84e24e9564f2054bf8d30c960f551a6f6f815b2a1ec99f9f99f526c164a85cd58cfdff609cc2ec010e2da1
SSDEEP

24576:ZDAlMDdJgqq7w7+RKR8lTi+oDQhwzS3jArHXkDgYwKSnePRlID1M5czl:ZclMDdJgvUYizDQNA7KPRiD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17d11fee5f2fb6b2bca1262dd0ccb541_JaffaCakes118

Files

17d11fee5f2fb6b2bca1262dd0ccb541_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be4b337481dec1f5357e952954158d7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
Sleep
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
SetUnhandledExceptionFilter
SetFilePointer
FlushFileBuffers
TerminateProcess
GetCurrentProcess
HeapSize
IsBadWritePtr
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
ReadFile
GetACP
GetOEMCP
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableA

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 888KB - Virtual size: 893KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 880KB - Virtual size: 878KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be4b337481dec1f5357e952954158d7b

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 888KB - Virtual size: 893KB

.rsrc Size: 880KB - Virtual size: 878KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 888KB - Virtual size: 893KB

.rsrc
Size: 880KB - Virtual size: 878KB