4862b2cebfa80fb94ac81cd176a8c100_JaffaCakes118

General

Target

4862b2cebfa80fb94ac81cd176a8c100_JaffaCakes118
Size

190KB
MD5

4862b2cebfa80fb94ac81cd176a8c100
SHA1

ae29f6f897a40ba94705cc91e43aa8ae17c50954
SHA256

4f05f3ab9b937bb0a9523d15061fc8ee93b75fa47e68a05ce3b80f921aafaf13
SHA512

8b0dfb089b7e394716162595221d0b283a98490bd69e385c6559e17aea61890a73ce2093edc268266d4ea07ffbb3d55712ebea47603aaf5505c6f1dcda7c6bf5
SSDEEP

768:2y5F5mqwZmHRz7BwPN10pGd1KJo3A+KKuOhiURdmPt5wcSvJD9iYn3:2kfxz76/0pO3JhZdtcSvJBiY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4862b2cebfa80fb94ac81cd176a8c100_JaffaCakes118

Files

4862b2cebfa80fb94ac81cd176a8c100_JaffaCakes118
.exe windows:0 windows x86 arch:x86

2c351a01263c1e2a785627e6a6300658

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
BaseCleanupAppcompatCacheSupport
ChangeTimerQueueTimer
CmdBatNotification
CommConfigDialogW
CompareStringA
ConvertDefaultLocale
ConvertThreadToFiber
CopyFileExA
CopyFileExW
CreateDirectoryExA
CreateFileA
CreateJobObjectW
CreateMutexA
CreateMutexW
CreateProcessInternalW
CreateSocketHandle
CreateTapePartition
CreateThread
CreateVirtualBuffer
DebugSetProcessKillOnExit
DecodeSystemPointer
DeleteTimerQueue
DisableThreadLibraryCalls
DisconnectNamedPipe
EncodePointer
EnumDateFormatsExA
EnumLanguageGroupLocalesA
EnumResourceLanguagesA
EnumSystemCodePagesW
EnumSystemGeoID
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
EnumUILanguagesA
ExpungeConsoleCommandHistoryA
FatalExit
FileTimeToDosDateTime
FindAtomA
FindFirstChangeNotificationW
GetBinaryTypeW
GetCPInfo
GetCPInfoExW
GetCommConfig
GetCommandLineA
GetCompressedFileSizeA
GetConsoleAliasExesLengthA
GetConsoleAliasExesLengthW
GetConsoleAliasesW
GetConsoleInputExeNameA
GetConsoleTitleW
GetDriveTypeA
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileType
GetHandleInformation
GetLinguistLangSize
GetModuleFileNameA
GetModuleHandleA
GetNumaNodeProcessorMask
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionW
GetProcAddress
GetProcessIoCounters
GetProcessTimes
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetThreadSelectorEntry
GetThreadTimes
GetUserDefaultLCID
GetVersion
GetVolumeInformationA
GetVolumeNameForVolumeMountPointA
GetVolumePathNamesForVolumeNameW
GlobalAddAtomW
GlobalGetAtomNameW
GlobalMemoryStatus
GlobalWire
HeapFree
HeapReAlloc
HeapUnlock
HeapValidate
IsBadWritePtr
IsValidUILanguage
LoadLibraryA
LocalAlloc
LocalHandle
LocalReAlloc
LocalSize
LockFileEx
NumaVirtualQueryNode
OpenSemaphoreA
OpenThread
OpenWaitableTimerW
PeekConsoleInputW
Process32First
QueryDepthSList
QueryDosDeviceW
ReadConsoleW
ReadDirectoryChangesW
RegisterWaitForInputIdle
RegisterWowExec
ReleaseMutex
ReleaseSemaphore
RemoveLocalAlternateComputerNameW
SearchPathA
SetClientTimeZoneInformation
SetCommMask
SetComputerNameExW
SetConsoleInputExeNameW
SetConsoleKeyShortcuts
SetConsoleLocalEUDC
SetConsoleNumberOfCommandsW
SetCriticalSectionSpinCount
SetDefaultCommConfigA
SetEndOfFile
SetEvent
SetFileShortNameW
SetInformationJobObject
SetLastConsoleEventActive
SetProcessPriorityBoost
SetThreadIdealProcessor
SetThreadLocale
SetTimerQueueTimer
SetUnhandledExceptionFilter
SetUserGeoID
SetVolumeMountPointA
ShowConsoleCursor
TlsAlloc
UTUnRegister
UnregisterWait
VerLanguageNameA
VirtualAllocEx
WriteConsoleOutputCharacterA
WritePrivateProfileSectionW
WritePrivateProfileStructA
WriteProcessMemory
lstrcatA
lstrcpynW

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c351a01263c1e2a785627e6a6300658

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB