4adbc6ba8dd6426cdeaeb161bc1f3941_JaffaCakes118

General

Target

4adbc6ba8dd6426cdeaeb161bc1f3941_JaffaCakes118
Size

52KB
MD5

4adbc6ba8dd6426cdeaeb161bc1f3941
SHA1

8f827d88a6b12fdd2e075c4a1695a50a173c2e96
SHA256

90b8ca107145ad93fa0290044db4d5007f40d9965ef1bb3c6c6ac51f4eaa3baf
SHA512

e0396f572d0bddfdba44ec5862ab65a0446aa154d784cb19ebc0f425cc5ad288f4e8b9fd5cb335525fbfce37abcf366fb11f8ed4aced9e114d353b53e8b7eddd
SSDEEP

768:SLiBDb39nbXePFuF1xMhsS2gWZsoGnir3cnHyZzPYCVeL:SLK3NnbXePwFrMObg6GrSZzPYCV8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4adbc6ba8dd6426cdeaeb161bc1f3941_JaffaCakes118

Files

4adbc6ba8dd6426cdeaeb161bc1f3941_JaffaCakes118
.exe windows:1 windows x86 arch:x86

db4a069cd1f8c1319eec0bdda5e4fca4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetStdHandle
EnterCriticalSection
ExitProcess
CloseHandle
FillConsoleOutputCharacterA
GetCommandLineA
GetConsoleMode
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
CreateFileA
GetFileAttributesA
GetFileType
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetCurrentThreadId
GetEnvironmentStrings
GetVersion
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
PeekConsoleInputA
RaiseException
ReadConsoleInputA
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
GetStartupInfoA

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db4a069cd1f8c1319eec0bdda5e4fca4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 28KB - Virtual size: 32KB

DATA Size: 6KB - Virtual size: 8KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.debug Size: 12KB - Virtual size: 16KB

CODE
Size: 28KB - Virtual size: 32KB

DATA
Size: 6KB - Virtual size: 8KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB

.debug
Size: 12KB - Virtual size: 16KB