46e1d7831b43fc01a9f978bef17c2672_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46e1d7831b43fc01a9f978bef17c2672_JaffaCakes118
Size

457KB
MD5

46e1d7831b43fc01a9f978bef17c2672
SHA1

4c206bf6b6323424e49feab04476d1773c7f79da
SHA256

a48e435b7c4148795ae213e803ee24d8cc96c8f583043c95e14e35eff78ea6ef
SHA512

8a928e0a3247151df410266afc2a2ebaa25331228b12a74e0c2a066bbab710a533a9f7f8e987f1aa8f7d45c85bd3f0be825e635bb8af74c4e479d6bc748e6a1a
SSDEEP

12288:TP35zZPDkZpErb2u2dARrAOr00I2rpoHRNnRbmJiKqTyMwgDb2GhO+qQ2cGQL7fl:T2r7RwIDAnW3XJ8s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46e1d7831b43fc01a9f978bef17c2672_JaffaCakes118

Files

46e1d7831b43fc01a9f978bef17c2672_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90a937fa841cca1b59015c5de0cab19d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetStringTypeW
GetTimeFormatA
LCMapStringW
GetProcAddress
GetTimeZoneInformation
HeapReAlloc
MultiByteToWideChar
GetCommandLineW
GetEnvironmentStringsW
GetCurrentProcessId
SetHandleCount
GetStringTypeExA
EnumSystemLocalesA
SetLastError
VirtualProtect
GetUserDefaultLCID
GetFileAttributesW
TlsAlloc
WideCharToMultiByte
GetACP
TlsGetValue
OpenSemaphoreW
GetOEMCP
HeapCreate
WritePrivateProfileSectionA
GetDateFormatA
GetCurrentDirectoryA
CreateNamedPipeA
ExitProcess
GetTickCount
WaitForSingleObject
SetEnvironmentVariableA
HeapFree
CompareStringA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
CreateMailslotA
VirtualAlloc
ConnectNamedPipe
LocalAlloc
TlsSetValue
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
CompareStringW
FreeEnvironmentStringsA
GetCommandLineA
IsValidCodePage
TlsFree
GetSystemInfo
VirtualFree
GetSystemTimeAsFileTime
DeleteCriticalSection
UnhandledExceptionFilter
SetEvent
EnterCriticalSection
FreeEnvironmentStringsW
ExitThread
LCMapStringA
HeapDestroy
GetLocaleInfoW
CreateNamedPipeW
GetCPInfo
IsValidLocale
RtlZeroMemory
GetStringTypeA
LeaveCriticalSection
GetCurrentThread
GetSystemTime
InterlockedExchange
GetFileType
WriteFile
SetCurrentDirectoryA
HeapSize
IsDebuggerPresent
ExpandEnvironmentStringsW
GetVersionExA
GetStdHandle
HeapAlloc
IsBadWritePtr
ReadFileEx
GetDiskFreeSpaceW
GetStartupInfoA
VirtualQuery
GetModuleHandleA
InitializeCriticalSection
GetEnvironmentStrings

comdlg32

FindTextW
ChooseColorW
FindTextA
ReplaceTextW
PageSetupDlgA
PrintDlgW
ReplaceTextA
PrintDlgA
GetFileTitleW
ChooseFontW
GetSaveFileNameA
PageSetupDlgW

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90a937fa841cca1b59015c5de0cab19d

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 177KB - Virtual size: 177KB

.data Size: 272KB - Virtual size: 272KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 177KB - Virtual size: 177KB

.data
Size: 272KB - Virtual size: 272KB

.rsrc
Size: 6KB - Virtual size: 5KB