2c614390e88a1c37ab99b6783a8cb21a_JaffaCakes118

General

Target

2c614390e88a1c37ab99b6783a8cb21a_JaffaCakes118
Size

1.1MB
MD5

2c614390e88a1c37ab99b6783a8cb21a
SHA1

93e1f4396e511d417c00adaa7f5de51d6be9df6e
SHA256

7e591987c6df890b7a19fd91b57f43aae0f28a8669741f3471c2c61de2bd7bda
SHA512

96a7cf9dcedd667d98a5dff17e6d95ff3e55156d1b9ca12080b930d7c1357fadd776e9a46b5d9deec966648a0b47a1f293eac261138f8fda4aa012dccc1f736a
SSDEEP

1536:0+2E3zDGEkkAyoneHHOsHwvLJJ7nwEIKBScr+YbUOXM16pZTWeAq4D:0KSTyovn+KBS0LJQq4D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c614390e88a1c37ab99b6783a8cb21a_JaffaCakes118

Files

2c614390e88a1c37ab99b6783a8cb21a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4bc397d266dd14cee8fa36e153565bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetThreadTimes
LocalSize
SetCommBreak
FindResourceA
CreateMutexA
GlobalAddAtomA
FlushConsoleInputBuffer
GetConsoleOutputCP
InitAtomTable
SetProcessWorkingSetSize
SetLastError
IsBadStringPtrA
GetFileType
SetThreadAffinityMask
lstrlenA
GetLastError
GetLocalTime
GetProcAddress
GetModuleHandleA
GetSystemTime
ExitProcess
Sleep
GetTickCount
SizeofResource
LoadResource
TerminateProcess
LCMapStringA
ReadFile
SetEndOfFile
GetEnvironmentVariableA
GetProcessVersion
lstrcatA
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
CloseHandle
WriteFile
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
RtlUnwind
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
LCMapStringW

user32

MessageBoxA
wsprintfA

advapi32

AbortSystemShutdownA
InitiateSystemShutdownA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4bc397d266dd14cee8fa36e153565bd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 48KB - Virtual size: 47KB