4b9591d135a92474ba67ee4250beb09b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4b9591d135a92474ba67ee4250beb09b_JaffaCakes118
Size

60KB
MD5

4b9591d135a92474ba67ee4250beb09b
SHA1

38b9767026b3a3320afebcde183740178c31e889
SHA256

e9e9b28d0af3cba58ddaf917a013701c9f05dfde5c7e03fcc7f01ae85f4f08c6
SHA512

4d927694a3b7c2a676453c18ba2668b5e28feb6afbc045a941c1c1c17eb5f2e0529af93a8e4c70446898b78cda7466912389aa955443fc0f43326304a5aecb30
SSDEEP

768:bGEAizQILomtm49hg/T3vnYTrk8qwOhrjugNNIbVxtG/C5a9TtwxtCmvVCt/HE2e:KZiQX49+/T3mrk8qdVCL3OTTKtD+/w1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b9591d135a92474ba67ee4250beb09b_JaffaCakes118

Files

4b9591d135a92474ba67ee4250beb09b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c434badd8ebf9c1efd3c287b0ee0032

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
LCMapStringW
HeapCreate
HeapDestroy
GetCurrentThread
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeA
GetModuleHandleW
GetCommandLineW
GetVersion
VirtualAlloc
VirtualFree
CloseHandle
GetStartupInfoA
AllocConsole
HeapFree
GetModuleFileNameW
GetStringTypeW
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetModuleHandleA

user32

CreateDialogIndirectParamW
ScreenToClient
RegisterClassExW
LoadCursorA
GetPropA
CreateMenu
IntersectRect
InsertMenuItemW
ClientToScreen
InflateRect
RegisterWindowMessageA
BeginPaint
SetTimer
KillTimer
LoadIconW
MessageBoxW
SetPropA
GetSystemMenu
GetMenuItemCount
GetMenuItemID
RemoveMenu
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowTextW
DialogBoxIndirectParamW
GetScrollInfo
IsIconic
FindWindowW
SetWindowTextW
CheckMenuRadioItem
CheckMenuItem
RegisterHotKey
UnregisterHotKey
ExitWindowsEx

advapi32

RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
CreateServiceW
DeleteService
GetTokenInformation
RegDeleteKeyW
RegOpenKeyW
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegCloseKey

ws2_32

select
inet_addr
inet_ntoa
ntohl
listen
ioctlsocket
send
WSACleanup
socket
WSAStartup
recv

Exports

Exports

bgnxtBxuWPMPPkHIUJqed
cChlSrHhwTkcKceG
uOQhrASVPTeWBsXC

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c434badd8ebf9c1efd3c287b0ee0032

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 18KB - Virtual size: 1.0MB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 18KB - Virtual size: 1.0MB