4c81d568df5b93a79f3cc82981b8fb3c_JaffaCakes118

General

Target

4c81d568df5b93a79f3cc82981b8fb3c_JaffaCakes118
Size

954KB
MD5

4c81d568df5b93a79f3cc82981b8fb3c
SHA1

e1c2d6a3b9cb6993ad9929471b66b2ed1418a50d
SHA256

2dabf1bb89cfb9637bcf8d0f6dfe6d8daeb8b81f44e05e4f256002e78e1d1af8
SHA512

63ba590bb02d67e9b97438a6e43df0c6d477e911d05ca39e7fec986f73a16a948204c888858dc8cd26d87703d3da003c92686a5a9a6ef17f740d72dc62e91208
SSDEEP

3072:0clfF4QqKlo/b4QqKVsjSpy0bShLy8gXvzJ9k8a/o3zVZ4tQhynHa3Ifl5pVB5:0mqKiZqKVsjl0bu+Nxjz4tQhyHJfT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c81d568df5b93a79f3cc82981b8fb3c_JaffaCakes118

Files

4c81d568df5b93a79f3cc82981b8fb3c_JaffaCakes118
.exe windows:0 windows x86 arch:x86

4dab2ee3b9601c1452035d544d874d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameW
AreFileApisANSI
AssignProcessToJobObject
BackupWrite
BaseCheckAppcompatCache
BaseCleanupAppcompatCacheSupport
BaseDumpAppcompatCache
BaseProcessInitPostImport
BeginUpdateResourceW
CancelDeviceWakeupRequest
CheckRemoteDebuggerPresent
ClearCommBreak
CompareStringA
ContinueDebugEvent
CreateDirectoryExA
CreateDirectoryExW
CreateFiber
CreateFileA
CreateFileMappingA
CreateHardLinkA
CreateJobObjectW
CreateProcessInternalW
CreateProcessInternalWSecure
CreateRemoteThread
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DeactivateActCtx
DeleteVolumeMountPointA
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnumCalendarInfoExA
EnumDateFormatsExW
EnumLanguageGroupLocalesW
EnumResourceLanguagesA
EnumResourceNamesW
EnumSystemCodePagesW
EnumUILanguagesA
EnumerateLocalComputerNamesW
ExpandEnvironmentStringsA
FatalAppExitW
FillConsoleOutputAttribute
FindAtomA
FindFirstVolumeMountPointW
FindNextChangeNotification
FindNextVolumeA
FindNextVolumeMountPointA
FindVolumeMountPointClose
FoldStringA
FormatMessageA
GetComputerNameExA
GetConsoleAliasesA
GetConsoleAliasesLengthW
GetConsoleAliasesW
GetConsoleCommandHistoryLengthW
GetConsoleCommandHistoryW
GetConsoleKeyboardLayoutNameW
GetConsoleNlsMode
GetConsoleWindow
GetCurrentActCtx
GetDefaultCommConfigW
GetDevicePowerState
GetDiskFreeSpaceExA
GetFileType
GetGeoInfoA
GetLocaleInfoA
GetLongPathNameA
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessIoCounters
GetProfileIntW
GetShortPathNameA
GetStringTypeW
GetSystemDefaultLCID
GetSystemTime
GetSystemTimeAdjustment
GetTapeParameters
GetThreadPriority
GetThreadPriorityBoost
GetVolumeInformationA
GlobalAddAtomW
GlobalMemoryStatus
GlobalReAlloc
GlobalUnWire
GlobalWire
HeapCreate
HeapCreateTagsW
HeapDestroy
InterlockedCompareExchange
InterlockedIncrement
IsBadCodePtr
IsBadHugeWritePtr
LCMapStringW
LZCopy
LZSeek
LoadLibraryA
LoadModule
LocalFree
MapUserPhysicalPages
MulDiv
NlsGetCacheUpdateCount
OpenEventW
OpenJobObjectA
OpenSemaphoreW
Process32Next
RaiseException
RegisterWowBaseHandlers
RequestWakeupLatency
RtlCaptureStackBackTrace
RtlFillMemory
SetCommConfig
SetConsoleCP
SetConsoleCursorInfo
SetConsoleDisplayMode
SetConsoleMaximumWindowSize
SetConsoleMode
SetConsoleOS2OemFormat
SetConsolePalette
SetNamedPipeHandleState
SetProcessAffinityMask
SetProcessPriorityBoost
SetUserGeoID
Sleep
TerminateJobObject
TlsFree
Toolhelp32ReadProcessMemory
TransmitCommChar
TryEnterCriticalSection
UTRegister
VerLanguageNameW
VerSetConditionMask
VerifyVersionInfoA
WriteConsoleOutputCharacterA
lstrcmpi
lstrcmpiA
lstrcpyn

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dab2ee3b9601c1452035d544d874d83

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB