4b692e8fc43fcdf24dce3f690989236b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b692e8fc43fcdf24dce3f690989236b_JaffaCakes118
Size

68KB
MD5

4b692e8fc43fcdf24dce3f690989236b
SHA1

4177b6fc4261c228f7d2f5b3c82e18a184e00f21
SHA256

cf4ae8540d46e4c29b3721f1f768d2511b2a0502f41c3bda631a85d89d62942e
SHA512

8fbf64e4c2be847e062af96ce13fe9b240bcf1285ca8c43144df2bce124887b28d42414bd078ab9e49c45061813e5379f67501110bf7ed01914bbb9f4ddfbef6
SSDEEP

768:kQBIcMsIfaaFsgBnUIPzy9FvoZwyj3Gv5+3iFdXkH:FMsIfnDPWjoZwyj3c5d0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b692e8fc43fcdf24dce3f690989236b_JaffaCakes118

Files

4b692e8fc43fcdf24dce3f690989236b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b10fc79cfb07483310795b74a8a8249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
lstrcpynA
ReadFile
GlobalFree
GlobalAlloc
lstrcmpiA
Sleep
WinExec
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
LoadLibraryA
CreateFileA
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
ExitProcess
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CloseHandle
GetOEMCP
GetACP
GetEnvironmentVariableA
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

user32

ShowWindow
CreatePopupMenu
AppendMenuA
GetCursorPos
TrackPopupMenu
DestroyMenu
CreateDialogParamA
SetCursor
GetWindowTextA
EndDialog
DestroyIcon
DefWindowProcA
GetDlgItem
SetWindowTextA
KillTimer
UpdateWindow
SetTimer
DialogBoxParamA
wsprintfA
MessageBoxA
SendMessageA
PostQuitMessage
LoadImageA
RegisterClassExA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA

advapi32

RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA
ExtractIconA

rasapi32

RasEnumDevicesA
RasSetEntryPropertiesA
RasValidateEntryNameA
RasDeleteEntryA
RasGetErrorStringA
RasGetConnectStatusA
RasDialA
RasEnumConnectionsA
RasHangUpA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b10fc79cfb07483310795b74a8a8249

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

rasapi32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 59KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 59KB

.rsrc
Size: 24KB - Virtual size: 22KB