4b6c58034cd4f76a6fbe5e98140584d8_JaffaCakes118

General

Target

4b6c58034cd4f76a6fbe5e98140584d8_JaffaCakes118
Size

397KB
MD5

4b6c58034cd4f76a6fbe5e98140584d8
SHA1

3a99dc9d4e7af4181df24c86b81cf775c8071ac2
SHA256

fa6797e9f569ce023dfd6ff42ed6c5e24a98f233268ffe3bc47b57ee6d83d6a7
SHA512

a279c145f4202936bd1071c08a9c4b481c20aca91f900ed16a7a5cd5d694b20707562ee157cf773c9cf2392c6a64fe0204e8d8234d1cf17e8bcd68ece47c8b84
SSDEEP

12288:LzXjSaz7TtUpneFmaoNkjerib0gYpfuhN7C7hKG:+aWeFmnx20VWf7C7hK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b6c58034cd4f76a6fbe5e98140584d8_JaffaCakes118

Files

4b6c58034cd4f76a6fbe5e98140584d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8b5f94081c470b3467d866d7ce6c7c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
HeapLock
HeapReAlloc
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcess
HeapAlloc
LoadLibraryA
IsValidCodePage
ExitProcess
VirtualAlloc
GetConsoleScreenBufferInfo
EnumDateFormatsW
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
GetCurrentProcessId
GetModuleHandleA
HeapFree
GetProcAddress
RtlUnwind
TerminateProcess
GetModuleFileNameA

advapi32

LookupPrivilegeValueW
RegSaveKeyW
DuplicateTokenEx
LookupAccountSidW
CryptGetKeyParam
ReportEventW
CryptEnumProvidersA
RevertToSelf
LookupAccountNameW
LookupSecurityDescriptorPartsA
CryptHashData
CryptExportKey
RegRestoreKeyA
CryptGetProvParam
CryptEnumProviderTypesA
LookupPrivilegeNameW
RegCreateKeyA

wininet

SetUrlCacheConfigInfoW
HttpSendRequestExA
InternetDial
FindNextUrlCacheEntryA
FtpGetFileW
UnlockUrlCacheEntryStream
InternetGetCertByURL
HttpAddRequestHeadersW
FindFirstUrlCacheContainerA
InternetGoOnlineW

user32

OemToCharBuffW
ToUnicode
ChangeMenuA
FindWindowExA
PeekMessageW
InSendMessage

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8b5f94081c470b3467d866d7ce6c7c5

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

Sections

.text Size: 129KB - Virtual size: 128KB

.data Size: 264KB - Virtual size: 263KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 129KB - Virtual size: 128KB

.data
Size: 264KB - Virtual size: 263KB

.rsrc
Size: 3KB - Virtual size: 2KB