4238cdf96d3bb7d04e39254f17403a92_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4238cdf96d3bb7d04e39254f17403a92_JaffaCakes118
Size

1.0MB
MD5

4238cdf96d3bb7d04e39254f17403a92
SHA1

e70cab00c917ec5b1010395e65df490d12e0fb02
SHA256

b0362d9f5b068792226a4f59beb4642c49eb4e73d03f3941719861d1522a76dd
SHA512

ea3f04522c0d883919344e8bc1effac1df9ded37566f7b046f6cd6080a9f42ad1627e94055138c9673bde98463d12861cbd5a3e6df9cfaea4041829463f7abaf
SSDEEP

24576:A9M0FYm4jtRFPL6THgb/QWFIcqc/xGuNNhxq:AdFYzL6q9aXcRhQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4238cdf96d3bb7d04e39254f17403a92_JaffaCakes118

Files

4238cdf96d3bb7d04e39254f17403a92_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3b4f3cb39e1d4cba4b50091797422eb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertSetCertificateContextProperty
CertFreeCRLContext
CertFreeCTLContext
CertControlStore
CertGetPublicKeyLength
CertOpenStore
CryptExportPKCS8
CryptQueryObject
CertGetCertificateChain
CertFreeCertificateChain
CryptMsgUpdate
CryptMsgOpenToDecode
CryptEnumOIDInfo
CryptFindOIDInfo
CryptExportPublicKeyInfo
CryptEncodeObject

kernel32

GetLastError
SetHandleCount
GetStdHandle
WriteFile
FindClose
CloseHandle
FileTimeToLocalFileTime
TlsAlloc
TlsSetValue
TlsFree
LoadLibraryExW
CreateProcessW
FindFirstFileW
FindNextFileW
GetStringTypeW
GetEnvironmentStringsW
ExitProcess
VirtualAlloc
GlobalUnlock
GetProcAddress
GetCurrentThreadId
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
OutputDebugStringW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
CreateFileW

comdlg32

GetSaveFileNameW
FindTextW
ChooseFontW
PrintDlgW
GetOpenFileNameW

psapi

GetDeviceDriverBaseNameW
EnumDeviceDrivers
GetDeviceDriverFileNameW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9oesie
Size: 415KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3b4f3cb39e1d4cba4b50091797422eb6

Headers

File Characteristics

Imports

crypt32

kernel32

comdlg32

psapi

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 346KB - Virtual size: 345KB

.data Size: 228KB - Virtual size: 6.7MB

.9oesie Size: 415KB - Virtual size: 418KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 346KB - Virtual size: 345KB

.data
Size: 228KB - Virtual size: 6.7MB

.9oesie
Size: 415KB - Virtual size: 418KB