29a7e91f55c56f3a7b6c70741b7dcece_JaffaCakes118

General

Target

29a7e91f55c56f3a7b6c70741b7dcece_JaffaCakes118
Size

180KB
MD5

29a7e91f55c56f3a7b6c70741b7dcece
SHA1

e148f3c5f78fb8d138d4e0b18dd2bdfb71d536f0
SHA256

06c29687ec1ef008cf09ad3a1f7e2808320f717b87f2386bc973aa690c04ee0a
SHA512

a29384cad4274bd2272aeef42b6c9d9bc560c6cdc837d559f6d83a7e048d4739e21cbf9aeb35fc1b4c7da3846b33c0c7b141823125e70e692d0c1352b73f9462
SSDEEP

3072:u92XUDBF/neQQ1tOuoSbtRLKM5Im6EV8Gb2:u9881eh1tPmcb5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29a7e91f55c56f3a7b6c70741b7dcece_JaffaCakes118

Files

29a7e91f55c56f3a7b6c70741b7dcece_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76afd4984363de746d1e372492cace19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
HeapAlloc
GetConsoleMode
FindResourceA
CreateMutexW
DeleteFileW
HeapFree
GetFileTime
FindFirstFileA
GlobalFree
WriteFile
CopyFileW
CopyFileExW
FindResourceW
WriteFile
OpenFileMappingA
Sleep
GetConsoleMode
GetComputerNameA
GetFileSize
CreateMutexA
Sleep
DeleteFileA
CreateFileA
ReadFile
FindResourceW
CreateMutexW
DeleteFileW
GetFileSize
ExitProcess
WriteFile
CopyFileW
CopyFileW

Sections

.DATA
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 237B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76afd4984363de746d1e372492cace19

Headers

File Characteristics

Imports

kernel32

Sections

.DATA Size: 112KB - Virtual size: 109KB

.init Size: 12KB - Virtual size: 9KB

.edata Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 3.4MB

.bss Size: 4KB - Virtual size: 237B

.rdata Size: 4KB - Virtual size: 2KB

.idata Size: 12KB - Virtual size: 11KB

.rsrc Size: 20KB - Virtual size: 16KB

.DATA
Size: 112KB - Virtual size: 109KB

.init
Size: 12KB - Virtual size: 9KB

.edata
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 3.4MB

.bss
Size: 4KB - Virtual size: 237B

.rdata
Size: 4KB - Virtual size: 2KB

.idata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 20KB - Virtual size: 16KB