6d1545db8933e5696adf614da37850d0_JaffaCakes118

General

Target

6d1545db8933e5696adf614da37850d0_JaffaCakes118
Size

100KB
MD5

6d1545db8933e5696adf614da37850d0
SHA1

f345223abac74edd6d84b3718ff0e930a62219a8
SHA256

c7a1f8d16642703830d366aa9e0d91a434ebd9931465520bb5ad6124d477dd36
SHA512

98befb86cc11680a801cd908761e1fd7c1d082c960bf9d97d1a261b6cb13d17c8cc07ef815a823e0e4943ff523df3ae496dc274aab47f6714ee0c848ad486b8a
SSDEEP

1536:UF4Ap0b8MAqh5+6kfR3BlRSB/OI76cY6nh4FQ2IKPrdfGPZLv:UF4rJo58B/OI76z6htxOtGPZLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d1545db8933e5696adf614da37850d0_JaffaCakes118

Files

6d1545db8933e5696adf614da37850d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7858954ce75f92169d23f9cd082481b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\google\src\tiger86_v2.pdb

Imports

kernel32

LockFile
CloseHandle
SetStdHandle
GetLocaleInfoW
FlushFileBuffers
SetFilePointer
VirtualProtect
LCMapStringW
LCMapStringA
VirtualQuery
RtlUnwind
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
Sleep
GetCPInfo
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
MultiByteToWideChar
GetLastError
GetModuleHandleA
GetProcAddress
ExitProcess
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LocalAlloc
FormatMessageA
LocalFree
GetDiskFreeSpaceA
lstrcatW
lstrcmpA

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7858954ce75f92169d23f9cd082481b8

Headers

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 80KB - Virtual size: 77KB

.data Size: 4KB - Virtual size: 321KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 80KB - Virtual size: 77KB

.data
Size: 4KB - Virtual size: 321KB

.rsrc
Size: 12KB - Virtual size: 8KB