4bf9d180659ff46e1f679af19aeb38b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4bf9d180659ff46e1f679af19aeb38b5_JaffaCakes118
Size

427KB
MD5

4bf9d180659ff46e1f679af19aeb38b5
SHA1

e116cd392cafa9e7e27f2d7ffc2907c197dfd38d
SHA256

6aa2d1050db275dd324e9abca1dd265c9874efe428cb87769600299a1dfaaf5e
SHA512

c188202587ffb32c4ee9bae5f501a1f642c44c10d4e3dbff22e548865a6a11c1b7fb4ff34b4f49913a645c73615441cd1bce4988df94ca0b1ae50667dd481d61
SSDEEP

6144:9tqlcBK2qUxzKVBJmyZd8E0kwOBYwQSvrDTolDsyzduxCrHUFBrQtRsd2Htsi8Ja:9ycL5elw8m4i8x0UVd4si81C1aRP5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bf9d180659ff46e1f679af19aeb38b5_JaffaCakes118

Files

4bf9d180659ff46e1f679af19aeb38b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8aff3213a59257576eaea8a0a90c49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
SetUnhandledExceptionFilter
GetProcAddress
IsDebuggerPresent
HeapReAlloc
TlsAlloc
EnterCriticalSection
GetStdHandle
GetCurrentProcessId
TlsGetValue
ReleaseSemaphore
GetEnvironmentStrings
TlsSetValue
GetModuleHandleA
IsValidCodePage
GetProcessShutdownParameters
UnhandledExceptionFilter
MultiByteToWideChar
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsA
GetUserDefaultLCID
LCMapStringA
VirtualProtectEx
GetOEMCP
WaitForSingleObject
SetConsoleTitleA
ExitProcess
GetTickCount
FindResourceExA
TlsFree
HeapFree
GetCPInfo
GetModuleFileNameA
GetTimeFormatA
LoadLibraryA
QueryPerformanceCounter
GetACP
VirtualAlloc
EnumSystemLocalesW
EnumSystemLocalesA
WriteFile
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCommandLineA
GetEnvironmentStringsW
GetLocaleInfoW
SetEnvironmentVariableA
VirtualFree
InterlockedDecrement
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentThread
CompareStringA
CreateDirectoryExA
GetDateFormatA
GetFileType
GetThreadSelectorEntry
SetLastError
LCMapStringW
GetTimeZoneInformation
ExpandEnvironmentStringsA
GetLocaleInfoA
SetHandleCount
ResetEvent
HeapSize
Sleep
GetModuleHandleW
WriteProfileStringA
InterlockedExchange
GetStringTypeA
GetStartupInfoA
FreeLibrary
LeaveCriticalSection
DeleteCriticalSection
CompareStringW
IsValidLocale
HeapDestroy
HeapAlloc
SetConsoleCtrlHandler
SetFileTime
CreateFileW
HeapCreate
VirtualQuery

user32

CharLowerA
GetWindowTextW
SetClassWord
LoadKeyboardLayoutA
DefFrameProcA
MapVirtualKeyA
SetDlgItemTextW
GetDlgItemInt
GetUpdateRgn
GetPropW
IsWindowVisible
GetClipboardViewer
DrawCaption
PostQuitMessage
GetClipboardFormatNameA
TrackPopupMenu
CharLowerBuffA
DdeUninitialize
ScrollDC
VkKeyScanA
ReleaseCapture
CreateIcon

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c8aff3213a59257576eaea8a0a90c49

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 139KB - Virtual size: 139KB

.data Size: 274KB - Virtual size: 274KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 139KB - Virtual size: 139KB

.data
Size: 274KB - Virtual size: 274KB

.rsrc
Size: 12KB - Virtual size: 12KB