f4156a2866327ae39778d5ae381f82f6_JaffaCakes118

General

Target

f4156a2866327ae39778d5ae381f82f6_JaffaCakes118
Size

423KB
MD5

f4156a2866327ae39778d5ae381f82f6
SHA1

55b89b0ec88f7140e56b91f9a1b0ee89a896e277
SHA256

a692b0af226f23437d2a7243fb3efa59d1888f163a13126969a1564319ba973f
SHA512

3e67ac50d40e7ccce46dd418086c4d5ab0d7b29bfbb33045e5ac4261ec883ef869bd1af4b94419de083fc7aca93e6d02948ba8b4ea78fe4005b6494be10b58bb
SSDEEP

6144:3cvRIRfF9PiH+B+6KPSQTcUxVx/YrgUuoyWp9sMcBZeuZUoXi7V9Hf4XSpbPGxV4:3iG6efKPSHaj/y6Wp9mZeQi7VleA+l4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4156a2866327ae39778d5ae381f82f6_JaffaCakes118

Files

f4156a2866327ae39778d5ae381f82f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cf0cfc1679ef2a4e8171c3886f49a9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHEmptyRecycleBinA
SHUpdateRecycleBinIcon
SHLoadInProc

kernel32

HeapFree
WideCharToMultiByte
CreateMailslotA
MultiByteToWideChar
TlsSetValue
GetEnvironmentStringsW
GetThreadTimes
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FileTimeToSystemTime
WriteFile
TlsAlloc
VirtualFree
GetEnvironmentStrings
IsBadWritePtr
TlsGetValue
LCMapStringA
GetPrivateProfileSectionNamesW
HeapDestroy
TlsFree
GetExitCodeThread
GetVersion
VirtualQuery
GetCPInfo
EnterCriticalSection
HeapCreate
RtlUnwind
ExitProcess
SetLastError
LCMapStringW
GetStringTypeA
RtlFillMemory
GetModuleFileNameA
InitializeCriticalSection
SetHandleCount
TerminateProcess
GetACP
GetCurrentProcessId
OpenMutexW
GetSystemDefaultLCID
GetCommandLineA
GetCurrentThreadId
GetCurrentThread
InterlockedExchange
GetModuleHandleA
GetLastError
HeapAlloc
VirtualAlloc
UnhandledExceptionFilter
SetConsoleWindowInfo
GetStartupInfoA
LeaveCriticalSection
GetCurrentProcess
GetTickCount
GetStdHandle
FlushViewOfFile
QueryPerformanceCounter
LoadLibraryA
HeapReAlloc
GetOEMCP
TransmitCommChar
GetLocaleInfoA
OpenEventW
GetFileType
GetProcAddress
DeleteCriticalSection
GetStringTypeW

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cf0cfc1679ef2a4e8171c3886f49a9b

Headers

File Characteristics

Imports

shell32

kernel32

Sections

.text Size: 127KB - Virtual size: 126KB

.rdata Size: 3KB - Virtual size: 22KB

.data Size: 283KB - Virtual size: 282KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 127KB - Virtual size: 126KB

.rdata
Size: 3KB - Virtual size: 22KB

.data
Size: 283KB - Virtual size: 282KB

.rsrc
Size: 9KB - Virtual size: 9KB