4a0947122b17285b87f25a7cb162a818_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4a0947122b17285b87f25a7cb162a818_JaffaCakes118
Size

220KB
MD5

4a0947122b17285b87f25a7cb162a818
SHA1

26b24bee07647beca0b6b2b287b3fbea2793f875
SHA256

4414a8b4a1456d60520c4d3a91665af707ea8ca6f38445f18c7d2c39a68dceb3
SHA512

df388546c0c84b90fe2ed286e2622e01de02fc59d911c7c2f191fdb143e7b44b8c313553d8946c1686aabc4624de482f4c22fa42a386070f366bd3e784fc579c
SSDEEP

3072:aIGRKqez34EIVcqqf8xe5pjYT5Z16OuUEe1O0cubHvvxFZmR1bUgrITQSRcyI3vt:Jz/fFyHn/1O0cu7RmKI3vt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a0947122b17285b87f25a7cb162a818_JaffaCakes118

Files

4a0947122b17285b87f25a7cb162a818_JaffaCakes118
.exe windows:4 windows x86 arch:x86

188aa4d67a46b08c549db62fcc61cc3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetFileType
GetLastError
GetFileSize
GetSystemInfo
SetFilePointer
SetEndOfFile
CreateFileA
ReadFile
WriteFile
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
GetCPInfo
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapSize
InitializeCriticalSection
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetProcAddress
GetModuleHandleA
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
SetStdHandle
GetTimeZoneInformation
SetEnvironmentVariableA
OpenEventA
SetEvent
ReleaseMutex
CloseHandle
OpenMutexA
CreateMutexA
DeleteCriticalSection
WaitForSingleObject
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegEnumValueA

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XOR
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

188aa4d67a46b08c549db62fcc61cc3e

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 12KB - Virtual size: 21KB

STLPORT_ Size: 4KB - Virtual size: 32B

XOR Size: - Virtual size: 2KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 12KB - Virtual size: 21KB

STLPORT_
Size: 4KB - Virtual size: 32B

XOR
Size: - Virtual size: 2KB