4b33b9eef0c3de52f9b6abda76694dd9_JaffaCakes118

General

Target

4b33b9eef0c3de52f9b6abda76694dd9_JaffaCakes118
Size

51KB
MD5

4b33b9eef0c3de52f9b6abda76694dd9
SHA1

7a46ba062627f897ed39386bfee68224cdc32f56
SHA256

9b74cf0734d938b39dbf17c0d2adfb8a744f802057905b647ee001615574171f
SHA512

9e7d938ee774399a91e067213200db63b760b234cdf5a6077e0a5d552fc069622e2145b89c462096c9b1dcc3394e0fa2117724f464ef935f46db6a699a511502
SSDEEP

768:kSkZ1Psj6NYDHsj5LtglWErepb2yQOpEkVmQKCcNMmZSDzPY6ltWnrzaoBKuG8m1:Z4NYrsJKlq1QhwmQKzac6lA3aq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b33b9eef0c3de52f9b6abda76694dd9_JaffaCakes118

Files

4b33b9eef0c3de52f9b6abda76694dd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9391c14b9d4fa054bf62a8e4c3ae4c4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
ExitProcess
RtlUnwind
RaiseException
GetCommandLineA
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
SetThreadContext
ResumeThread
GetThreadContext
GetProcAddress
LoadLibraryA
GetTempPathA

user32

CharNextA

Sections

CODE
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 317B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 614B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

FYPMJW8F
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9391c14b9d4fa054bf62a8e4c3ae4c4d

Headers

File Characteristics

Imports

kernel32

user32

Sections

CODE Size: 6KB - Virtual size: 5KB

DATA Size: 41KB - Virtual size: 41KB

BSS Size: - Virtual size: 317B

.idata Size: 1024B - Virtual size: 614B

.tls Size: - Virtual size: 4B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 512B - Virtual size: 392B

.rsrc Size: 512B - Virtual size: 512B

FYPMJW8F Size: 512B - Virtual size: 4KB

CODE
Size: 6KB - Virtual size: 5KB

DATA
Size: 41KB - Virtual size: 41KB

BSS
Size: - Virtual size: 317B

.idata
Size: 1024B - Virtual size: 614B

.tls
Size: - Virtual size: 4B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 392B

.rsrc
Size: 512B - Virtual size: 512B

FYPMJW8F
Size: 512B - Virtual size: 4KB