4acddb062deb14851ab9ac7681d3f109_JaffaCakes118

General

Target

4acddb062deb14851ab9ac7681d3f109_JaffaCakes118
Size

429KB
MD5

4acddb062deb14851ab9ac7681d3f109
SHA1

e0eb80094cf37cd3bed70a49219dd55ad5893834
SHA256

3f065b4ff691fa6851663409af76c603359f2bbd46b318f2fe9460cd1c8ba6d7
SHA512

3a957ec72dd9eb82a3a71b75e739248d030f8faee0887e46afd55cadf8aa5f576047599a7c09217392bc33c1c1f31787c031eaa5a0b1e56864fa8aebbfe1a47c
SSDEEP

12288:5kX5h/A4DP4V8BFiz99RJxkRB07sYCsW2Pm:5uptBFw9fD4BgxCsWSm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4acddb062deb14851ab9ac7681d3f109_JaffaCakes118

Files

4acddb062deb14851ab9ac7681d3f109_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c72e545b010978667aec50771a5fd552

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
VirtualQuery
GetSystemTimeAdjustment
SetConsoleCursorInfo
RtlUnwind
WriteProfileSectionW
GetLocaleInfoW
GetCurrentProcess
GetProcAddress
VirtualAlloc
GetCurrentThreadId
UnlockFile
HeapReAlloc
HeapAlloc
CreateDirectoryA
UnlockFileEx
HeapFree
InterlockedExchange
GetModuleFileNameA
TerminateProcess
GetModuleHandleA
ExitProcess
SetFileAttributesA
WritePrivateProfileStructA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
FoldStringA
GetFullPathNameW
EnumCalendarInfoExW
QueryPerformanceCounter
GetDiskFreeSpaceW

gdi32

OffsetRgn
Arc
SetBoundsRect
GetCharABCWidthsA
ColorMatchToTarget
AddFontResourceA
CreateFontIndirectA
EnumICMProfilesA

advapi32

RegConnectRegistryW
CryptAcquireContextA
RegOpenKeyExW
RegSetValueExA
LogonUserA
RegOpenKeyExA
CryptEnumProviderTypesW
CryptDestroyHash
RegEnumKeyW
RegEnumValueW
CryptGetUserKey
RegQueryMultipleValuesA
CryptSetKeyParam
CryptCreateHash
RegCloseKey
CryptExportKey
CryptGetProvParam

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c72e545b010978667aec50771a5fd552

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 153KB - Virtual size: 152KB

.data Size: 266KB - Virtual size: 266KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 153KB - Virtual size: 152KB

.data
Size: 266KB - Virtual size: 266KB

.rsrc
Size: 9KB - Virtual size: 8KB