4d0476e0977d96cd44bab7376ff939a8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4d0476e0977d96cd44bab7376ff939a8_JaffaCakes118
Size

1.1MB
MD5

4d0476e0977d96cd44bab7376ff939a8
SHA1

6bb57d62ad074a5501b9f0bdd49f42ddbaab9d0c
SHA256

e72907d17335f7c85456b2f3eaa88022a5f761fd4262bb45631680b70956a3ca
SHA512

0629341b2434fe3933a3371ffb0412a1aca53b0ec4f9d194cb0f8ced277b7a8c6f38dab487131c09c2d9c78df273aadddd886b9cd2cdb94e19f6171c8f1c3ae4
SSDEEP

24576:LEqW4FunHPt4OPPfwAK/QdbKdWUav9ezY8xulCb:LtWSuvp3fwAK/YeNavYHxWK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d0476e0977d96cd44bab7376ff939a8_JaffaCakes118

Files

4d0476e0977d96cd44bab7376ff939a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ea1c0325b30a69c605be5dbe86afac9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetCPInfo
CreateThread
ReadFile
GetConsoleMode
ExitThread
DeleteFileA
SetLastError
GetComputerNameA
GetStdHandle
CreateDirectoryA
DeleteAtom
GetCommandLineA
CopyFileExA
GetFileSize
WriteFile
CopyFileW
CreateProcessA
CopyFileExW
Sleep
DeleteAtom
GetFileTime
FindFirstFileA
FindAtomA
OpenFileMappingA
ExitThread
GetFileSize
CreateDirectoryA
ReadConsoleA
GetLastError
CopyFileExW
WriteFile
ReadFile
ReadConsoleA
OpenFile
GetComputerNameA
GetCPInfo
CopyFileExA
ExitThread
GetStdHandle

advapi32

RegGetKeySecurity
RegQueryValueExA
RegDeleteKeyW
RegEnumKeyA
RegOpenKeyA
RegCreateKeyW
RegDeleteValueA
RegQueryValueExW
RegQueryInfoKeyA
RegFlushKey
RegReplaceKeyW
RegEnumKeyW
RegReplaceKeyA
RegDeleteValueW
RegCreateKeyExW
RegLoadKeyW
RegQueryValueW
RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyW
RegQueryValueA
RegOpenKeyW
RegQueryValueExA
RegDeleteKeyA
RegFlushKey
RegCreateKeyExW
RegReplaceKeyW
RegQueryValueW
RegGetKeySecurity
RegQueryInfoKeyA

user32

IsWindow
CloseWindow
AppendMenuA
DrawIconEx
LoadCursorA
DrawTextW
GetDlgItem
DrawTextA
GetWindowTextLengthA
GetDC
CopyImage
InsertMenuA

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.frdata
Size: 940KB - Virtual size: 939KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ea1c0325b30a69c605be5dbe86afac9

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 132KB - Virtual size: 131KB

.frdata Size: 940KB - Virtual size: 939KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 2KB

.edata Size: 4KB - Virtual size: 1.6MB

.text
Size: 132KB - Virtual size: 131KB

.frdata
Size: 940KB - Virtual size: 939KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 2KB

.edata
Size: 4KB - Virtual size: 1.6MB