f46ee4929b3974790d9a9ffd122aea48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f46ee4929b3974790d9a9ffd122aea48_JaffaCakes118
Size

417KB
MD5

f46ee4929b3974790d9a9ffd122aea48
SHA1

3a9f56c18995ebf836ab1fa95ee1c85f18b28172
SHA256

e1d9abeca2bc0f3cdbf120f0ddb9f833fcc2577d24ad14f721528c358a335d29
SHA512

23c187eb2416546ac9151504e90c89fc0d44b231a8828f597c7e84ca34ae35828e70afc3d05da5215cea6ecd8e1ccf01d3f4e87ccf875d41e78178fc4331bbad
SSDEEP

12288:Bw+sdPDdNURs81O9ceHUDXip0Jsu7Cfh:B7sjo1ZeHEXip+Ifh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f46ee4929b3974790d9a9ffd122aea48_JaffaCakes118

Files

f46ee4929b3974790d9a9ffd122aea48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ffcc56e57a2b5f51cfc640a243ddaed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW

shell32

SHBrowseForFolderA
RealShellExecuteExW
RealShellExecuteExA
FindExecutableW

kernel32

GetTimeFormatW
LocalCompact
UnhandledExceptionFilter
GetACP
GetModuleFileNameA
WriteConsoleInputW
SetCurrentDirectoryA
WideCharToMultiByte
GetLastError
LCMapStringW
FindNextChangeNotification
LoadLibraryA
LocalHandle
InterlockedExchange
DeleteCriticalSection
GetCurrentThread
MapViewOfFile
LCMapStringA
SetUnhandledExceptionFilter
GetProcAddress
EnumSystemLocalesA
VirtualAlloc
RtlUnwind
GetFileType
EnumSystemCodePagesW
VirtualFree
HeapReAlloc
HeapFree
InitializeCriticalSectionAndSpinCount
SetLastError
GetEnvironmentStrings
InterlockedIncrement
EnumTimeFormatsA
GetModuleHandleA
GetCommandLineA
GetStringTypeExA
TlsSetValue
GetLocaleInfoA
QueryPerformanceCounter
GetCurrentProcess
GetTimeFormatA
FoldStringW
GetEnvironmentStringsW
GetModuleHandleW
FreeEnvironmentStringsW
WriteFileEx
IsDebuggerPresent
GetAtomNameA
CloseHandle
HeapCreate
MultiByteToWideChar
HeapAlloc
FreeEnvironmentStringsA
TerminateProcess
GetPrivateProfileSectionA
GetCPInfo
LeaveCriticalSection
Sleep
SetHandleCount
EnumResourceNamesA
TlsGetValue
GetStartupInfoA
GetLocaleInfoW
FreeLibrary
GetStdHandle
GetCurrentThreadId
ConvertDefaultLocale
GetCurrentProcessId
HeapDestroy
GetDateFormatA
EnterCriticalSection
InterlockedDecrement
GetUserDefaultLCID
IsValidCodePage
TlsFree
IsValidLocale
HeapSize
VirtualQuery
TlsAlloc
GetNumberFormatW
CompareStringA
GetCurrencyFormatW
SetConsoleCtrlHandler
GetOEMCP
GetTickCount
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitProcess
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
lstrcatA
WriteFile
FormatMessageW
CompareStringW

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ffcc56e57a2b5f51cfc640a243ddaed

Headers

File Characteristics

Imports

advapi32

shell32

kernel32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 8KB - Virtual size: 22KB

.data Size: 278KB - Virtual size: 277KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 8KB - Virtual size: 22KB

.data
Size: 278KB - Virtual size: 277KB

.rsrc
Size: 9KB - Virtual size: 9KB