4ab0ca3719be6819150e914c089df2fc_JaffaCakes118

General

Target

4ab0ca3719be6819150e914c089df2fc_JaffaCakes118
Size

376KB
MD5

4ab0ca3719be6819150e914c089df2fc
SHA1

b19918f55f2ef15f06a6d0c70e04abcccd2447cc
SHA256

4d4afc12fd5371691951cd7a3a9a59de6f6c5cc24dc26e134b5a544b3d4df2e7
SHA512

2ccb1f5fbe3d7d7915e1b3d0c4c557003679114209389684f51543da612fa3168461d3b2ed8db1699d7a52c724ed348066962cac1b4f3ae3a5a21a43809cbe72
SSDEEP

6144:Z62txTBP1tcQjYdq8Ofh4IlEY6ibaOEar6CquEqX8opgclI38Kp044UuT:9xTKY2IlGSaOpq6soYMKWic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ab0ca3719be6819150e914c089df2fc_JaffaCakes118

Files

4ab0ca3719be6819150e914c089df2fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e24a76ddf73cb6d0bd34666876ebbdc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetVersion
TlsSetValue
GetFileType
Sleep
TlsGetValue
VirtualQuery
LoadResource
IsValidCodePage
WriteConsoleA
TerminateProcess
CreateFileMappingA
GetSystemTimeAsFileTime
WriteFile
DeleteCriticalSection
SetFilePointer
TlsFree
MapViewOfFile
WideCharToMultiByte
GetModuleHandleA
GetProcAddress
InterlockedDecrement
GetLocaleInfoA
GetStdHandle
GetLocalTime
IsDebuggerPresent
WaitForSingleObject
UnmapViewOfFile
EnterCriticalSection
GetLastError
ExitProcess
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetCommandLineA
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetCurrentThreadId
TlsAlloc
SetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
InterlockedIncrement
InitializeCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

DestroyWindow
GetClientRect
FillRect
LoadIconA
IsIconic
SendMessageA
DrawTextA
GetSysColor
TranslateMessage
GetSystemMetrics
DefWindowProcA
PostQuitMessage
KillTimer
GetParent
GetMessageA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e24a76ddf73cb6d0bd34666876ebbdc7

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 24KB

.data Size: 344KB - Virtual size: 343KB

.text
Size: 28KB - Virtual size: 24KB

.data
Size: 344KB - Virtual size: 343KB