3c25ea63da544090beec1e2b6eca6538_JaffaCakes118

General

Target

3c25ea63da544090beec1e2b6eca6538_JaffaCakes118
Size

524KB
MD5

3c25ea63da544090beec1e2b6eca6538
SHA1

1252719f3d70cae14bbda61fa0f5a5cfbbede176
SHA256

689a21ff398a266f993e273ca13688614682e0e25df9f884365e1fa5951d6fcc
SHA512

2e84168e1d92f33b9752b524d57b9d5e96b5800f18139153eea968fbb0873496b5d5b2f189cf60e5d13479e8e622770e954bd74f00fc38f03945bc2d94ba1fd0
SSDEEP

12288:pmly1zZZ+haYWLX2uCyXN5rzsMo03DPK9FHMc1nLNpWK+UBC:piy1/+4r2UNJsMo03DUFHM+IK+Uo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c25ea63da544090beec1e2b6eca6538_JaffaCakes118

Files

3c25ea63da544090beec1e2b6eca6538_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc71c1be7db21e8cd020e33f9f2de1a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GlobalAlloc
InitializeCriticalSection
QueryPerformanceCounter
CreateProcessA
HeapReAlloc
GetCurrentProcess
GetCPInfo
SetStdHandle
GetProcAddress
LoadLibraryExW
UnhandledExceptionFilter
CreateThread
DeleteFileA
LocalAlloc
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetModuleFileNameA
GlobalUnlock
HeapAlloc
LCMapStringA
ReleaseMutex
GetLastError
VirtualAlloc
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 464KB - Virtual size: 466KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc71c1be7db21e8cd020e33f9f2de1a8

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 464KB - Virtual size: 466KB

.rsrc Size: 4KB - Virtual size: 632B

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 464KB - Virtual size: 466KB

.rsrc
Size: 4KB - Virtual size: 632B