4c7b9cc203d12a0eea461baddb323b41_JaffaCakes118

General

Target

4c7b9cc203d12a0eea461baddb323b41_JaffaCakes118
Size

423KB
MD5

4c7b9cc203d12a0eea461baddb323b41
SHA1

e8045bbb437ec0d7152db913be7ef692f4e70110
SHA256

cd6cd0c118d0a94c7180bf1e50c81fe1314b85bbf2df77cd07c7a672ac7c672a
SHA512

0e844d93b3209e2c8e0ea5c609860fc941ddb5266382aff9abb50dc908c39b387e6e02bfb9130786748c999bef6894068f1a1d986e14682f8f43876f425afa62
SSDEEP

12288:jOXtgyV7vUSrQIHsMeaeC1Z/fCf/rX3IFGm:etgcvRcbMeaeCXXo/rX3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c7b9cc203d12a0eea461baddb323b41_JaffaCakes118

Files

4c7b9cc203d12a0eea461baddb323b41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03e266da5d4dd0fe283b37e401724810

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
TerminateProcess
EnterCriticalSection
CreateDirectoryW
GetProcAddress
SetLocaleInfoW
HeapReAlloc
LocalUnlock
FindFirstFileExW
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
UnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
GetThreadTimes
GetFileAttributesW
LocalFlags
InterlockedExchange
RtlUnwind
GetCalendarInfoA
GetVolumeInformationA
VirtualQuery
GetExitCodeProcess
GetStdHandle
GetDriveTypeA
AddAtomW
TlsGetValue
ExitProcess
GetTickCount
SetConsoleOutputCP
ReleaseMutex
HeapFree
LoadResource
GetModuleFileNameA
FreeLibraryAndExitThread
LoadLibraryA
QueryPerformanceCounter
EnumResourceNamesW
VirtualAlloc

shell32

InternalExtractIconListW
SHAppBarMessage
ShellExecuteExA
DoEnvironmentSubstW
SHGetDesktopFolder
ExtractIconExA
SHGetSettings
SHInvokePrinterCommandW
FreeIconList
InternalExtractIconListA
SHGetFileInfo
RealShellExecuteW
ExtractAssociatedIconW

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03e266da5d4dd0fe283b37e401724810

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 142KB - Virtual size: 142KB

.data Size: 266KB - Virtual size: 266KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 142KB - Virtual size: 142KB

.data
Size: 266KB - Virtual size: 266KB

.rsrc
Size: 13KB - Virtual size: 12KB