2e8ca55b0e6f9862f409da4ee04309c9_JaffaCakes118

General

Target

2e8ca55b0e6f9862f409da4ee04309c9_JaffaCakes118
Size

540KB
MD5

2e8ca55b0e6f9862f409da4ee04309c9
SHA1

61b7fd41f158aa6c867520174342a3a8a3b165f4
SHA256

b1662949f987a1020dbff728a099a3fcbe6c382b985b89e7e0d6fb7eafc2808c
SHA512

639140e2f30b8348af4b4747d12c970231b4c97ada81a07cd0b3834be2f9a9f722873527fe7704c41fc5077902b115538649309d85bbfe0974225707d90c219e
SSDEEP

12288:AdqrHDWz19ghlo6Qro5axtG8XDkQS0++F3RioeYRK5ku:Adqzyz1Uu6QrZG4wQ9xFhiRQKL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e8ca55b0e6f9862f409da4ee04309c9_JaffaCakes118

Files

2e8ca55b0e6f9862f409da4ee04309c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15116a64a8ac88d2df7a4226297de3f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDllDirectoryA
GetPrivateProfileStructA
LCMapStringA
GetCommModemStatus
SetLocalPrimaryComputerNameA
GetModuleHandleA
GetProfileSectionA
RemoveDirectoryA
VirtualAllocEx
HeapCompact
GetProcessShutdownParameters
GetTempFileNameA
BeginUpdateResourceA
GetCPInfoExA
EnumUILanguagesA
EnterCriticalSection
FindNextVolumeMountPointW
HeapCreate
LeaveCriticalSection
GetUserGeoID
OpenEventA
FlushConsoleInputBuffer
ReadConsoleA
GetDriveTypeA
GetLogicalDrives
GetCurrentConsoleFont
SetEnvironmentVariableA
FindFirstFileExW
MulDiv
UnlockFile
SetCommBreak
SetConsoleNumberOfCommandsA
HeapReAlloc
GetThreadTimes
SetFileApisToOEM
HeapAlloc
GetDiskFreeSpaceExA
FillConsoleOutputAttribute
FindNextVolumeMountPointA
GetConsoleCommandHistoryLengthA
GetModuleHandleA
GetSystemTimes
GetSystemTimeAdjustment
OpenThread
GetComPlusPackageInstallStatus
ReadConsoleInputA
IsWow64Process
CreateDirectoryExA
IsSystemResumeAutomatic
IsBadReadPtr

advapi32

RegCloseKey
AdjustTokenPrivileges

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 432KB - Virtual size: 700KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15116a64a8ac88d2df7a4226297de3f0

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: - Virtual size: 4KB

.itext Size: 432KB - Virtual size: 700KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: - Virtual size: 4KB

.itext
Size: 432KB - Virtual size: 700KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 100KB - Virtual size: 100KB