4172ed396b96f90b7f32eae5999c3d0e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4172ed396b96f90b7f32eae5999c3d0e_JaffaCakes118
Size

486KB
MD5

4172ed396b96f90b7f32eae5999c3d0e
SHA1

0997307a4abcec35b494de512931b973ea6620ce
SHA256

6b6ca9b09939e648e38c48dce081415fc0dc3e554643915272bf2910d437a790
SHA512

d83dce456ccaeaa9bdde546d2a24c36bd7f4b2660992d330cf1840fbcc4678687485e8772b1b2a59317b71ee9369a9386e73ea728f5f2c854aee47a80db87b71
SSDEEP

12288:nIDVg44mDEDKEOiGXOafzHVk4PywUJrE9d7v7nc:nIRMmkWZkEAab7n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4172ed396b96f90b7f32eae5999c3d0e_JaffaCakes118

Files

4172ed396b96f90b7f32eae5999c3d0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5410e92e46bec030f16a0cdc7ee6596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
FreeLibrary
SetHandleCount
DeleteCriticalSection
RtlUnwind
HeapSize
CompareStringW
GetCurrentProcess
GetTimeFormatA
VirtualAlloc
Sleep
MultiByteToWideChar
HeapReAlloc
GetStartupInfoW
GetFileSize
GetStartupInfoA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetModuleFileNameA
GetLastError
HeapDestroy
ExitProcess
GetModuleFileNameW
HeapCreate
InterlockedIncrement
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDateFormatA
IsValidLocale
QueryPerformanceCounter
CreateMutexW
TlsSetValue
GetConsoleOutputCP
TlsGetValue
WriteFile
GetCurrentThread
HeapAlloc
GetStringTypeA
HeapFree
LocalCompact
TlsAlloc
GetCurrentProcessId
CompareStringA
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
VirtualFree
IsValidCodePage
GetCommandLineW
GetModuleHandleW
InterlockedDecrement
GetFileType
LeaveCriticalSection
UnhandledExceptionFilter
GetVersionExW
EnterCriticalSection
GetModuleHandleA
VirtualAllocEx
GetLocaleInfoW
WaitNamedPipeA
HeapLock
TlsFree
GetACP
FreeEnvironmentStringsW
GetCPInfo
IsDebuggerPresent
GetProcAddress
GetOEMCP
GetStdHandle
EnumSystemLocalesA
SetEnvironmentVariableA
InterlockedExchange
LCMapStringA
TerminateProcess
GetStringTypeW
VirtualQuery
LCMapStringW
WideCharToMultiByte
SetConsoleCtrlHandler
SetLastError
GetCurrentThreadId

comdlg32

GetOpenFileNameA
GetSaveFileNameW
GetSaveFileNameA
PrintDlgA
ReplaceTextW
ReplaceTextA
ChooseFontA
GetFileTitleW
PageSetupDlgA
GetOpenFileNameW
FindTextA
PrintDlgW
ChooseFontW
GetFileTitleA
LoadAlterBitmap
ChooseColorW
FindTextW

shell32

SHLoadInProc
SHFormatDrive

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5410e92e46bec030f16a0cdc7ee6596

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

Sections

.text Size: 198KB - Virtual size: 198KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 198KB - Virtual size: 198KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 9KB - Virtual size: 9KB