46f4d9fff894622f1d204264fcd08c67_JaffaCakes118

General

Target

46f4d9fff894622f1d204264fcd08c67_JaffaCakes118
Size

955KB
MD5

46f4d9fff894622f1d204264fcd08c67
SHA1

77193056fae035e76b7047dd0efd3ea4dd4df6c3
SHA256

1a8369d43cab578d908f83cc1fb9db1906c46d066642174eed7e1933f84ab8ad
SHA512

1ee9ee954e57d2cde686352280b2082bdf1d7e06a7929f323d457940127cab49ef044e31e5c83f53cf83b1469856fd9e75b3083843a13c598f9a2c8cdec93d74
SSDEEP

12288:Utrnq+vKDelgGGnVAAtZMC12BXnh6ya+sNzaOvoJpaz/g/J/vVQT:qO+yKlX8VAAtZp43u+sNH8az/g/J/NQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46f4d9fff894622f1d204264fcd08c67_JaffaCakes118

Files

46f4d9fff894622f1d204264fcd08c67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b383ab90251e996f851ae6816a26bd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetCommandLineA
GetModuleFileNameA
SetLocalTime
GetLocalTime
GetTempFileNameA
GetTempPathA
GetCurrentProcess
VirtualAlloc
ExpandEnvironmentStringsA
GetFileAttributesA
CopyFileA
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
CloseHandle
DeleteFileA
GlobalFree
LoadLibraryA
GetProcAddress
WinExec
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree

user32

wsprintfA

advapi32

RegOpenKeyA
RegDeleteValueA
RegCloseKey

Sections

pp1
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp2
Size: 512B - Virtual size: 353B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp3
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp0
Size: 1024B - Virtual size: 687B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b383ab90251e996f851ae6816a26bd2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

pp1 Size: 512B - Virtual size: 272B

pp2 Size: 512B - Virtual size: 353B

pp3 Size: 512B - Virtual size: 87B

pp0 Size: 1024B - Virtual size: 687B

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 328B

pp1
Size: 512B - Virtual size: 272B

pp2
Size: 512B - Virtual size: 353B

pp3
Size: 512B - Virtual size: 87B

pp0
Size: 1024B - Virtual size: 687B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 328B