4976b53a229f1a8b9e5a5ff068a6ec0f_JaffaCakes118

General

Target

4976b53a229f1a8b9e5a5ff068a6ec0f_JaffaCakes118
Size

1.1MB
MD5

4976b53a229f1a8b9e5a5ff068a6ec0f
SHA1

73041c7bdb5aa9134e36138655331dca8eef0ff4
SHA256

d1186e20a696cafd80ed943f979d9035f16e14c49a1d3193e37ffcb45de85162
SHA512

6848044f727e5c1de1e5513debc5e77124b0dd37cb8865145a37491683143e1d929440655210e4acd1ea4757d32449873579516dac0c5dd999b51a380573b36d
SSDEEP

24576:PrEyOWgvOWKU8QeywFjodCPYwB3oOMsGUReDBe5U4:Ylv2Oeyw10CFBXMsxReF34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4976b53a229f1a8b9e5a5ff068a6ec0f_JaffaCakes118

Files

4976b53a229f1a8b9e5a5ff068a6ec0f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

606c52fc30a67617ba6fe91d22705ea8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_exit
__p___winitenv
exit
_XcptFilter

kernel32

WideCharToMultiByte
FreeConsole
GetUserDefaultLCID
GetLocaleInfoW
GetCPInfo
CreateFileW
FindResourceW
LoadLibraryExW
lstrlenW
lstrcmpW
SystemTimeToFileTime
GetSystemInfo
MulDiv
CloseHandle
SetEndOfFile
GetFileType
GetProcAddress
VirtualAlloc
HeapAlloc
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseSemaphore
LoadResource

secur32

FreeCredentialsHandle

shell32

SHGetPathFromIDListW
CommandLineToArgvW
DragAcceptFiles
DragFinish

oleaut32

VariantCopy
CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLi
LoadTypeLi
VarNot
SysAllocStringLen
SysReAllocStringLen
SysStringLen
SafeArrayCreate
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayPtrOfIndex
VariantClear
VariantCopyInd
VariantChangeType
VarI4FromStr
VarR8FromStr
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromBool
VarBoolFromStr
VarNeg

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 420KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rd8f
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

606c52fc30a67617ba6fe91d22705ea8

Headers

File Characteristics

Imports

msvcrt

kernel32

secur32

shell32

oleaut32

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 420KB - Virtual size: 7.7MB

.rd8f Size: 314KB - Virtual size: 314KB

.rsrc Size: 379KB - Virtual size: 379KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 420KB - Virtual size: 7.7MB

.rd8f
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 379KB - Virtual size: 379KB