4297c5ddae85f00635d05af87fb6bc2f_JaffaCakes118

General

Target

4297c5ddae85f00635d05af87fb6bc2f_JaffaCakes118
Size

224KB
MD5

4297c5ddae85f00635d05af87fb6bc2f
SHA1

90a4172ff7edd9148b5804bc8c238b7a066a073b
SHA256

f180f23c286b01f52dca75a53d7e85603867218e9bb7ba2bc5788117e21fd405
SHA512

129980c25434780b44dbc96a78a227061456885522d7c3de4aa5810a38f770d5e30402f59912ab110f9d276b51e93d6496911d0a5f35224e88786262a9829e0d
SSDEEP

3072:9OZ2NS6/jUJRIz3QUEhD/YP0GgsNBaSbZGlywUvcSQdJSYMrF9FgN:9OEAojUgJ6QMXsNBaSNAjS0q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4297c5ddae85f00635d05af87fb6bc2f_JaffaCakes118

Files

4297c5ddae85f00635d05af87fb6bc2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9300249e083526cceee576def20c6d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
WriteProfileStringA
GetPrivateProfileSectionNamesA
GetProcessHandleCount
EnumTimeFormatsA
CreateFileMappingW
GetTickCount
lstrcmpA
WritePrivateProfileSectionA
GetCommandLineA
GetModuleHandleA
GetFileAttributesExA
FindFirstChangeNotificationA
GetTempPathA
GetPrivateProfileSectionA
GetConsoleAliasA
TransmitCommChar
CommConfigDialogA
WaitForSingleObjectEx
ReadConsoleInputA
VerifyVersionInfoA
GetLocalTime
ClearCommError
CompareStringA
SetFilePointer
GetCommModemStatus
lstrlen
HeapReAlloc
LoadLibraryExW
HeapSetInformation
WriteProcessMemory
GetConsoleCursorMode
SizeofResource
AddConsoleAliasA
GetUserDefaultUILanguage
GetCurrentProcessId
OpenEventA
GetLocaleInfoA
VirtualAlloc
GetVersionExA
WriteConsoleOutputAttribute
SetConsoleFont
GetCurrentConsoleFont
GetVolumePathNameA
GetTempFileNameA
HeapUnlock
GetExitCodeProcess
VirtualAlloc
WriteFileGather
GetConsoleFontSize
GetThreadTimes
GetFileAttributesA
Module32First
LocalAlloc
GetDateFormatA
WriteConsoleOutputCharacterA
lstrcmp
ReadConsoleA
GetDiskFreeSpaceA
GetThreadIOPendingFlag

tapi32

lineAddProviderA

Exports

Exports

Mewdkfip
GetGeatqrvw
WriteVldtlec
Soyyqyhrpie
Bfvbcpbmyal
Garvfcrh

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 48KB - Virtual size: 666KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9300249e083526cceee576def20c6d5

Headers

File Characteristics

Imports

kernel32

tapi32

Exports

Exports

Sections

.itext Size: - Virtual size: 1KB

.text Size: 48KB - Virtual size: 666KB

.idata Size: 88KB - Virtual size: 85KB

.rsrc Size: 84KB - Virtual size: 83KB

.itext
Size: - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 666KB

.idata
Size: 88KB - Virtual size: 85KB

.rsrc
Size: 84KB - Virtual size: 83KB