JaffaCakes118_56862ecfc66c6941e12357f602424b25

General

Target

JaffaCakes118_56862ecfc66c6941e12357f602424b25
Size

476KB
MD5

56862ecfc66c6941e12357f602424b25
SHA1

c0ad1a78286d3f6e11492d0fbcf305f02f73a28f
SHA256

5da4a3e61bf7cf4a2d4240bc3b1de93a61e57fc3519e13caf2474f7d12030d3f
SHA512

3eda14f758cc3e7a3df5a88e9da817729b93b8955a34b6c0cd26a67b7eb750a7ba487e2305974e457b5258b4c79c1d21d863e7ca05c67718e2fdf1164cd67369
SSDEEP

6144:9qOVverctVjgK6GuQq9+vAG+wLhLL/Z0axth2uL29E2xlVqc:9q2veAtaK6GuQq9lG5hLL/guLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_56862ecfc66c6941e12357f602424b25

Files

JaffaCakes118_56862ecfc66c6941e12357f602424b25
.exe windows:4 windows x86 arch:x86

c3cf112674c608cb9db8b620444aa92f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
lstrlenA
SetFilePointer
WriteFile
CreateFileA
VirtualAlloc
GetModuleFileNameA
FreeLibrary
VirtualQueryEx
ReadProcessMemory
GetThreadContext
CreateProcessA
TerminateProcess
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualProtectEx
VirtualFree
GetModuleHandleA
ExitProcess
ReadFile
GetFileSize
CopyFileA
GetLocalTime
LocalAlloc
InterlockedExchange
RaiseException
GetLastError
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
RtlUnwind
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 444KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c3cf112674c608cb9db8b620444aa92f

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 444KB - Virtual size: 447KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 444KB - Virtual size: 447KB