4ace52e2a8f0cb8bfaa2cb8cc5979e9b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4ace52e2a8f0cb8bfaa2cb8cc5979e9b_JaffaCakes118
Size

735KB
MD5

4ace52e2a8f0cb8bfaa2cb8cc5979e9b
SHA1

288757a8690405e54172667ac07b8f3941816987
SHA256

c505afa7ba2533ee8c2365c14f9c3738b1ca8ac0745b590d87c2beeea6e44f02
SHA512

98f9e3c250a6ec595c6fe69f91cc0a48873bc040ae35ec6840166c0cb52270d45a61af0e0aaccb76a444a50a50e4ba019e39cd45fb5baec4649fc522aa4e6502
SSDEEP

12288:5MW0BSOvjzQg0S9RUasyytAuIKx8S9rZR3nzdWRvwN8kSoHiKWyA8D:ulBSO7zQK9RUB5tAuI5SrlnzQlhkSod2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ace52e2a8f0cb8bfaa2cb8cc5979e9b_JaffaCakes118

Files

4ace52e2a8f0cb8bfaa2cb8cc5979e9b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

888322e35c5fde077afa37acf5128f63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetInstanceExplorer

kernel32

TlsFree
InterlockedIncrement
TlsGetValue
InterlockedDecrement
GetVersion
InitializeCriticalSection
CompareStringA
SetFilePointer
IsBadWritePtr
GetLocalTime
GetACP
OpenMutexA
GetCPInfo
TerminateProcess
TlsAlloc
GetModuleFileNameW
CopyFileExA
FreeEnvironmentStringsA
HeapDestroy
WriteFileEx
SetLastError
EnumCalendarInfoW
RtlUnwind
WideCharToMultiByte
SetStdHandle
SetFileAttributesW
GetStartupInfoA
LoadLibraryA
SetHandleCount
GetTimeZoneInformation
WriteFile
GetEnvironmentStrings
MultiByteToWideChar
GetEnvironmentStringsW
SetEnvironmentVariableA
GlobalFindAtomW
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetProcAddress
HeapReAlloc
HeapCreate
GetCurrentThreadId
HeapAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleA
GetLastError
GetDiskFreeSpaceExA
GetSystemTime
GetModuleFileNameA
GetCommandLineA
HeapFree
GetNamedPipeInfo
GetStdHandle
GetFileSize
FreeEnvironmentStringsW
GetCurrentThread
FlushFileBuffers
CompareStringW
VirtualQuery
ReadFile
WriteConsoleInputA
VirtualFree
GetStringTypeA
LCMapStringW
GetStringTypeW
GetStartupInfoW
CreateMutexA
LCMapStringA
GetFileType
ExitProcess
LockFile
EnterCriticalSection
CloseHandle
TlsSetValue
GetCurrentProcess
GetCommandLineW
InterlockedExchange
GetCurrentProcessId
UnhandledExceptionFilter

comctl32

InitCommonControlsEx

user32

DefFrameProcA
RegisterClassA
DlgDirSelectComboBoxExA
SendMessageTimeoutW
RegisterClassExA
CreateDesktopW
DdePostAdvise
DrawIconEx

Sections

.text
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

888322e35c5fde077afa37acf5128f63

Headers

File Characteristics

Imports

shell32

kernel32

comctl32

user32

Sections

.text Size: 361KB - Virtual size: 361KB

.rdata Size: 4KB - Virtual size: 15KB

.data Size: 364KB - Virtual size: 364KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 361KB - Virtual size: 361KB

.rdata
Size: 4KB - Virtual size: 15KB

.data
Size: 364KB - Virtual size: 364KB

.rsrc
Size: 4KB - Virtual size: 3KB