3d854e7740bafc21cb01faef65c7cea2_JaffaCakes118

General

Target

3d854e7740bafc21cb01faef65c7cea2_JaffaCakes118
Size

84KB
MD5

3d854e7740bafc21cb01faef65c7cea2
SHA1

3101c1b1eefca74ef7b908547575dce4a6111095
SHA256

dd3166caffa53300eab274776c7fd808a7def400f583daa95264a83797886724
SHA512

985eda78debf86b29a222be94db739b7504f1f07b62b47704c4998d37e375e3b729e894b97033b00d14c862011ca382e48b2ccce601635437a0668b7327a747b
SSDEEP

1536:qm48SB0fHF0GG/yYaBjNJYWSiLZj45ctBe2UNDl:J4Gl0R81YWZ8iUn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d854e7740bafc21cb01faef65c7cea2_JaffaCakes118

Files

3d854e7740bafc21cb01faef65c7cea2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7edc101aca50a3736b01def954da80c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

_close
_fdopen
_fileno
_fstat
_getcwd
_open
_pclose
_popen
_read
_strdup
__getmainargs
__isascii
__iscsym
__iscsymf
__mb_cur_max
__p__environ
__set_app_type
__toascii
_assert
_cexit
_errno
_fileno
_fmode
_fpreset
_iob
_setmode
_stricmp
_strnicmp
_wcsicmp
abort
atexit
bsearch
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputs
fread
free
ftell
fwrite
getc
getenv
isalnum
isalpha
iscntrl
isdigit
isgraph
islower
isprint
ispunct
isspace
isupper
isxdigit
malloc
memchr
memcpy
memmove
memset
putc
qsort
realloc
rename
rewind
setlocale
signal
sprintf
strchr
strcmp
strcpy
strerror
strncmp
strrchr
strstr
strtoul
tolower
toupper
ungetc
vfprintf

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hljsh
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7edc101aca50a3736b01def954da80c8

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 512B - Virtual size: 432B

.bss Size: - Virtual size: 20KB

.idata Size: 2KB - Virtual size: 2KB

hljsh Size: 512B - Virtual size: 512B

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 512B - Virtual size: 432B

.bss
Size: - Virtual size: 20KB

.idata
Size: 2KB - Virtual size: 2KB

hljsh
Size: 512B - Virtual size: 512B