JaffaCakes118_46b5874e9b9bb840ae324b04473097c3c295830df07f1c49511bf3c246199963

General

Target

JaffaCakes118_46b5874e9b9bb840ae324b04473097c3c295830df07f1c49511bf3c246199963
Size

282KB
MD5

5a8240c95e632628c6715dcbd6beda2e
SHA1

a443e3a4202951fbeb4af0bd10fcdb818f0c58d4
SHA256

46b5874e9b9bb840ae324b04473097c3c295830df07f1c49511bf3c246199963
SHA512

50ff52ca9cbcd7fe98649c07b92e62b6a48c3c6c0645d10a603a39cc06161d6866ecfaa99fe1c56ddd347f51511578237e4abb5047b52d6de3d4e0399c119ffe
SSDEEP

6144:0IIYWs9kMPYVValUveAWZLbWt4XweBMVDY4DDb+XY28d+4nIp2fE:0dXMPYrElLbe2/B4DY8mI28dap2s

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3ebbc1ac0f109ef8c0f7e7e682c1394c9e9de07b3d6a3943266a1a35cb0b5b01

JaffaCakes118_46b5874e9b9bb840ae324b04473097c3c295830df07f1c49511bf3c246199963
.zip

Password: infected
3ebbc1ac0f109ef8c0f7e7e682c1394c9e9de07b3d6a3943266a1a35cb0b5b01
.exe windows:5 windows x86 arch:x86

f05c6a5e7905dea048341f75b4a5e565

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
ExitThread
GetLastError
GetModuleHandleA
Sleep
GetProcAddress
VirtualProtect
CreateFileA
WriteFile
ReadFile
CreateMailslotA
CloseHandle
GetCurrentProcessId
HeapReAlloc
HeapAlloc
HeapFree
WaitForSingleObject
TerminateThread
GetModuleFileNameW
VirtualAlloc
GetExitCodeThread
CreateThread
lstrlenA
LoadLibraryA

user32

wsprintfA

ntdll

memcpy
memset

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ