JaffaCakes118_9c06e0e1858701cc632ff0ed06d48efb

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_9c06e0e1858701cc632ff0ed06d48efb
Size

1.5MB
MD5

9c06e0e1858701cc632ff0ed06d48efb
SHA1

5683f8ac98732a31fb0da617c5b892b78ca90066
SHA256

55a6107a5ad6b8cd13b69794498a3b890ed6a5803cda738bd98c16f0077f0ebf
SHA512

89ef8bd6a1d6572d891502d375850d09f0e5a5682debb3def1ea06734ed3ddcd9cdf74ee08332cf85e9fe7c4b1938b307df24b4fc6670f74f002e4b2af796415
SSDEEP

24576:fiINCguyl+wsmtRR2nBUIcMu6dhHp6OZ3i8G/lNBaX8Ug4iU+Z2fxOT6D2G/N1Fb:yguyYwwBxcrg8yS8G/LjU+CxLc7I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9c06e0e1858701cc632ff0ed06d48efb

Files

JaffaCakes118_9c06e0e1858701cc632ff0ed06d48efb
.exe windows:6 windows x86 arch:x86

3fd48f2b49a69674203a1b3779fc17fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess

user32

MessageBoxW

shell32

ShellExecuteW

vcruntime140

__current_exception_context
__current_exception
memset
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

fwrite
__p__commode
fclose
_set_fmode
fopen

api-ms-win-crt-runtime-l1-1-0

_c_exit
_cexit
_initterm
_initialize_onexit_table
__p___argv
_register_thread_local_exe_atexit_callback
_crt_atexit
_controlfp_s
terminate
_get_initial_narrow_environment
_initialize_narrow_environment
_initterm_e
__p___argc
exit
_configure_narrow_argv
_register_onexit_function
_exit
_set_app_type
_seh_filter_exe

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fd48f2b49a69674203a1b3779fc17fd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1.5MB - Virtual size: 1.5MB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 412B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 412B