4466d0acceebbaa3bbc1c3082a9c9848_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4466d0acceebbaa3bbc1c3082a9c9848_JaffaCakes118
Size

46KB
MD5

4466d0acceebbaa3bbc1c3082a9c9848
SHA1

68db7c0c4cfb138553975b83a6990f65bbceb60a
SHA256

c1fc6296351549a91ca9dee6a2de3aa7255f3a64cbe62bbee0f6193f490e4f14
SHA512

c005df02b73eafa3fbbacd41d2a62991b09eff778b8d52438e2f12557ac934d3e658f65ec71e32aa05a19828dba6bb11234178d998a1f98290667f37c55b699d
SSDEEP

768:PJGteDZ6ziucd7SQ+wxJVLW3w2SRMNo2AKyYXWcdR4MaBMYftc7mVCDFxdpozaBr:PJGteDZ6zVcd7SQDxJVLF2SRMNo2ZyYf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4466d0acceebbaa3bbc1c3082a9c9848_JaffaCakes118

Files

4466d0acceebbaa3bbc1c3082a9c9848_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9802902255a3d240938580b98d1c72a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetVersionExA
GetLastError
CreateFileA
DeviceIoControl
CloseHandle
GetOverlappedResult
CreateEventA
FreeLibrary
lstrcmpiA
lstrcpynA
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
GetSystemDirectoryA
FindFirstFileA
Sleep
WinExec
CopyFileA
GetModuleFileNameA
GetModuleHandleA
GetVersion
HeapSize
ResetEvent
CreateThread
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
RtlUnwind
HeapFree
VirtualFree
LCMapStringW
HeapCreate
HeapDestroy
GetLocaleInfoA
VirtualProtect
ExitThread
GetSystemInfo
ExitProcess
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType

user32

MessageBeep
PostQuitMessage
DefWindowProcA
CreateWindowExA
LoadAcceleratorsA
ShowWindow
UpdateWindow
SetTimer
RegisterClassA
wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
FindWindowA
SendMessageA
KillTimer
GetSystemMetrics
PostMessageA

advapi32

RegEnumValueA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9802902255a3d240938580b98d1c72a9

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB