846b0263d419cc3e76ed21eb5f40c1ff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

846b0263d419cc3e76ed21eb5f40c1ff_JaffaCakes118
Size

13KB
MD5

846b0263d419cc3e76ed21eb5f40c1ff
SHA1

120e434786ba58b3ff15f4f77342464ef84e6ee3
SHA256

269604cdb4ae794da6be5e4c099f0ec0a0ca58e6af044a9aa5688b2947a0175f
SHA512

702384b843650d939d634fe3ce8e202da78204f2d3ac5757afb832ebf47ee057838e93b93a6f80749180ef7da925672110d4828d4e91268d72247ac8ec477e56
SSDEEP

192:uN340gteeNuvluA+0rVufaA7uCm1dJnxI/v/E4SFVYp+WRclWI:U7gtfpA3riPijnGvs4SFVYp+WmlW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
846b0263d419cc3e76ed21eb5f40c1ff_JaffaCakes118

Files

846b0263d419cc3e76ed21eb5f40c1ff_JaffaCakes118
.exe windows:10 windows x86 arch:x86

2fbf649d4129f434749dccbe2a322194

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

exit

iphlpapi

IcmpCreateFile

ws2_32

WSACleanup

api-ms-win-core-localization-l1-2-1

FormatMessageW

api-ms-win-core-registry-l1-1-0

RegCloseKey

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-errorhandling-l1-1-1

GetLastError

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-console-l1-1-0

GetConsoleMode

api-ms-win-core-heap-l1-2-0

HeapSetInformation

api-ms-win-core-processthreads-l1-1-2

TerminateProcess

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleA

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-2-1

GetTickCount

api-ms-win-core-processenvironment-l1-2-0

GetEnvironmentVariableW

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-core-file-l1-2-1

GetFileType

ntdll

RtlIpv4StringToAddressW

Sections

.MPRESS1
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2fbf649d4129f434749dccbe2a322194

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

iphlpapi

ws2_32

api-ms-win-core-localization-l1-2-1

api-ms-win-core-registry-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-heap-l2-1-0

api-ms-win-core-console-l1-1-0

api-ms-win-core-heap-l1-2-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-processenvironment-l1-2-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-file-l1-2-1

ntdll

Sections

.MPRESS1 Size: 8KB - Virtual size: 32KB

.MPRESS2 Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.MPRESS1
Size: 8KB - Virtual size: 32KB

.MPRESS2
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB