285ee8e251f4d362f7b1d057ca260787_JaffaCakes118

General

Target

285ee8e251f4d362f7b1d057ca260787_JaffaCakes118
Size

628KB
MD5

285ee8e251f4d362f7b1d057ca260787
SHA1

5b254d787dffc43b68e899a077c726df557eb188
SHA256

641a91cd25ce1f13feeafefb42add5178456518693d099c24fd5ae8e2faf3e46
SHA512

168419fa8e034aa0896a35c19f21dfbc0951f06da9352290220dbe7d8e09a126417b2a93e209fa74d4e61c802032b575b086637cdf790b9d16a10856517beadb
SSDEEP

12288:pd1Ocd6BKTAVcLVHFnx6QU8Q/T1Ns+YX1xpP2EtmNBNcI3KEz0YsYfj:pd1Ocgk13zjQ/T1Ns+tEONcZcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
285ee8e251f4d362f7b1d057ca260787_JaffaCakes118

Files

285ee8e251f4d362f7b1d057ca260787_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb0a1dd35dafd6ed370b88e3fb7c0d30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
SetEndOfFile
GetFileType
GetFileAttributesW
VirtualQuery
LoadResource
CreateProcessA
TerminateProcess
LocalFree
FreeLibrary
GetModuleHandleW
GetStringTypeW
GetACP
GetSystemTimeAsFileTime
CloseHandle
FindFirstFileA
WriteFile
SetUnhandledExceptionFilter
ReadFile
UnmapViewOfFile
GetModuleHandleA
GetStringTypeA
WideCharToMultiByte
CompareStringA
SetFilePointer
SetStdHandle
FormatMessageA
GetCommandLineA
FreeEnvironmentStringsW
MultiByteToWideChar
UnhandledExceptionFilter
GetCommandLineW
GetCurrentProcessId
GetEnvironmentStrings
DeleteCriticalSection
lstrlenW
DeleteFileA
LoadLibraryA
GlobalUnlock
TlsAlloc
HeapDestroy
SetEvent
WaitForSingleObject
GlobalFree
GetModuleFileNameW
InterlockedIncrement
HeapCreate
GetConsoleOutputCP
EnterCriticalSection
HeapFree
GetLastError
HeapAlloc
GetStartupInfoA
ExitProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetCurrentThreadId
TlsSetValue
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
VirtualFree
RtlUnwind
InitializeCriticalSection
GetCPInfo
GetOEMCP
HeapReAlloc
GetProcAddress
LCMapStringA
LCMapStringW
InterlockedDecrement
VirtualAlloc
SetLastError
GetSystemInfo
LeaveCriticalSection

gdi32

DeleteDC
SelectObject
DeleteObject

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 568KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cb0a1dd35dafd6ed370b88e3fb7c0d30

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 568KB - Virtual size: 566KB

.data Size: 28KB - Virtual size: 30KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 568KB - Virtual size: 566KB

.data
Size: 28KB - Virtual size: 30KB