4c729d93ac17a27c512b12d28bcf0016_JaffaCakes118

General

Target

4c729d93ac17a27c512b12d28bcf0016_JaffaCakes118
Size

161KB
MD5

4c729d93ac17a27c512b12d28bcf0016
SHA1

4292af555c26a1d56d30981da7e7a41570bbbef4
SHA256

b16c6a67e3629c27092661cec1d7643afc8d83f7902a8fcfb6691f310b95fbcb
SHA512

5820f8e83908304b81fc90167eeddff5b731b7814962fd60d200fcc3ef0af059457ad5fedcb535b87090220e19e7e5e7d97a4690e2befeb98d3fee6ac792a2c2
SSDEEP

3072:t8kZg48AF+48Frj/aP4puZwTapKw7m19QJkoXh/A5/3IJSFd:1WdnjSP4p4IKJptnk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c729d93ac17a27c512b12d28bcf0016_JaffaCakes118

Files

4c729d93ac17a27c512b12d28bcf0016_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9ec96eeca696f0042ace5eb19a1007d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
SystemTimeToTzSpecificLocalTime
WritePrivateProfileStringW
GetConsoleCP
HeapDestroy
LoadResource
SetConsoleCursorPosition
DeleteVolumeMountPointW
SetEnvironmentVariableW
OutputDebugStringA
SetErrorMode
MulDiv
IsBadReadPtr
TlsSetValue
GetModuleHandleExW
FatalAppExitA
GetModuleFileNameW
lstrlenW
FindNextChangeNotification
GetLocalTime
ExitProcess
IsValidLocale
SizeofResource
AllocConsole
GetVersionExA
VirtualProtect
GetCurrentProcessId
GetTempPathA
DuplicateHandle
GetSystemDirectoryW
GetFileTime
GetSystemDirectoryA
GetDriveTypeW
GetOEMCP
CreateMutexA
HeapCreate
GetEnvironmentVariableW
WaitForMultipleObjects
InterlockedExchangeAdd
SetConsoleWindowInfo
SignalObjectAndWait
DecodePointer
InterlockedPopEntrySList
CreateActCtxW
Sleep
FindFirstFileW
IsDBCSLeadByte
LeaveCriticalSection
FindNextFileA
SetFileAttributesA
GetStringTypeExA
DeviceIoControl
ReadConsoleInputA
SetThreadContext
GetWindowsDirectoryW
LockResource
SwitchToThread
FormatMessageA

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9ec96eeca696f0042ace5eb19a1007d

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 16KB - Virtual size: 16KB