f4ba15eacbc2e9735857a4bb7ff6bbc6_JaffaCakes118

General

Target

f4ba15eacbc2e9735857a4bb7ff6bbc6_JaffaCakes118
Size

46KB
MD5

f4ba15eacbc2e9735857a4bb7ff6bbc6
SHA1

b6431401d660e07a17e806bcb7a94ad561aef76a
SHA256

23d991c1bd93a15062bc24f394cd18211cbbf4bdb1c60d2da8cd203fa4198389
SHA512

fd6cfdcee3e8f4a3024f9db84bfb5ad5b35f94af8c8cae9b33d11b5523855f788247fd0c86f98063bb57c93eb92510848cfc5d491aaffe8fd18e70d702d6abff
SSDEEP

768:5yo6mcKzmwbFx82oun5BpUuVCVqRp0eNZMDhfTusnonz7cKveOIiWOO+D+CRdaNV:co6tKi0oCTHCVqRprqtusnonX/0Rad

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4ba15eacbc2e9735857a4bb7ff6bbc6_JaffaCakes118

Files

f4ba15eacbc2e9735857a4bb7ff6bbc6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4410b5dd688e6c245966070d3405a143

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
GetProcessTimes
GetTickCount
ExpandEnvironmentStringsW
GetThreadPriority
GetCurrentThreadId
lstrcpyA
CreateMutexW
lstrcatA
GetComputerNameW
ReleaseMutex
GetCommandLineA
GetCurrentProcessId
DisconnectNamedPipe
GetTimeZoneInformation
CloseHandle
GetProcessHeap
lstrlenA
GetModuleHandleA
DeleteFileW
CreateFileW
SetFileTime
CreateProcessW
MultiByteToWideChar
HeapFree
Sleep
HeapReAlloc
GlobalUnlock
lstrcatW
SetFileAttributesW
lstrcpyW
GetFileSizeEx
lstrcmpiW
GetFileTime
ReadFile
HeapAlloc
GetSystemTime
WriteProcessMemory
CreateThread
SetFilePointer
CopyFileW
WriteFile
CreateFileMappingW
GetLocalTime
GetExitCodeProcess
GetUserDefaultUILanguage
GetDriveTypeW
FindNextFileW
OpenMutexW
SetEndOfFile
FindClose
GetModuleFileNameW
GetLastError
lstrcpynW
GetTempFileNameW
EnterCriticalSection
GetVersionExW
SetLastError
FlushFileBuffers
WideCharToMultiByte
IsBadReadPtr
GetFileSize
GetLogicalDrives
FindFirstFileW
OpenProcess
GlobalLock
lstrlenW
LeaveCriticalSection
MoveFileExW
ResetEvent
MapViewOfFile
SetThreadPriority
CreateEventW
InitializeCriticalSection
UnmapViewOfFile
SetEvent
GetTempPathW
FindResourceW
GetModuleFileNameA
lstrcmpiA
WaitForSingleObject
GetSystemTimeAsFileTime
SystemTimeToFileTime

user32

DrawIcon
ToUnicode
DispatchMessageW
CloseDesktop
GetKeyState
ExitWindowsEx
GetMessageW
PeekMessageA

Sections

.qhcdgt
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adsdwn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xyd
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4410b5dd688e6c245966070d3405a143

Headers

File Characteristics

Imports

kernel32

user32

Sections

.qhcdgt Size: 36KB - Virtual size: 56KB

.adsdwn Size: 2KB - Virtual size: 4KB

.xyd Size: 7KB - Virtual size: 76KB

.qhcdgt
Size: 36KB - Virtual size: 56KB

.adsdwn
Size: 2KB - Virtual size: 4KB

.xyd
Size: 7KB - Virtual size: 76KB