4c1ff8ed0bb79cdc0c875f1a799ad433_JaffaCakes118

General

Target

4c1ff8ed0bb79cdc0c875f1a799ad433_JaffaCakes118
Size

249KB
MD5

4c1ff8ed0bb79cdc0c875f1a799ad433
SHA1

cbbc662d3ce6fd27cf2f1df067fea0c35dcb4cef
SHA256

3c753571a516b740da8e0a7154f0124bd0665d5ef158c64a7229530bcc02775c
SHA512

4a2dc9278da7a01b323674480b3b1d5b95467fc0b773c701468532bf8eca5726ee720c0d74bba54d4a21d17baf0e6c56487027b067a7adb2f3134553f7fed47a
SSDEEP

6144:LJRsKV6Lh52RKCvFtOw1AxPW4Deh7EDRAQxwuSGww085:LsPhYb8nJ1MYdAQxwuSGA8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c1ff8ed0bb79cdc0c875f1a799ad433_JaffaCakes118

Files

4c1ff8ed0bb79cdc0c875f1a799ad433_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b21fdbc4f116db282ba645c33244f44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
lstrlenW
GetCommandLineA
MultiByteToWideChar
CreateEventW
LocalAlloc
GetTimeZoneInformation
GetStringTypeA
ReadFile
GetLocaleInfoA
LoadLibraryA
GetLocalTime
GetConsoleOutputCP
WriteConsoleW
lstrcpyW
SetFilePointer
ResumeThread
EnterCriticalSection
IsValidCodePage
VirtualAlloc
GetUserDefaultLCID
GetProcAddress
GetLongPathNameW
GetStdHandle

user32

CharLowerW
GetKeyState
GetSubMenu
TranslateMessage
SetClipboardData
InflateRect
SetMenu
PostMessageW
ReleaseCapture
DeferWindowPos
MessageBeep
InvalidateRect
LoadMenuW
GetMessageA
ScreenToClient
CreateWindowExW
DispatchMessageA
BeginPaint

gdi32

CreatePatternBrush
SetBkMode
CreatePen
SelectObject
SetROP2
MoveToEx
SetBkColor
CreateBitmap
LineTo
AddFontResourceW
EndPage

comdlg32

PrintDlgW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
IsTextUnicode
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b21fdbc4f116db282ba645c33244f44

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 227KB - Virtual size: 227KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 1024B - Virtual size: 156KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 227KB - Virtual size: 227KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 1024B - Virtual size: 156KB