4d1388c0fd2675f58e36149a43bf86dc_JaffaCakes118

General

Target

4d1388c0fd2675f58e36149a43bf86dc_JaffaCakes118
Size

445KB
MD5

4d1388c0fd2675f58e36149a43bf86dc
SHA1

a8cb9d3fc0a2b5f8a3181c673a8bb4d6a4409c61
SHA256

058319cfaff698708f099ffcdf50fb06f4e3970a7a7117781dcad54c266f291a
SHA512

1cdf709243361bd2b3f8df7ad08dcfc852c6107c3283abc307f878c614c6a0c77e565418a73412e7ce41f29947865966aa30ead2533f51df1feb1ee87805bdb2
SSDEEP

6144:xy+PWrgehQIGtU5X7UJRVcv6z/vfcOjg+717n7SHMdIYFH68f:DE3eU5LUJRuizfUXHMJF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1388c0fd2675f58e36149a43bf86dc_JaffaCakes118

Files

4d1388c0fd2675f58e36149a43bf86dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f9b102944d43f5db068a7ca97752b6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
IsBadWritePtr
IsValidLocale
UnhandledExceptionFilter
GetProcAddress
LCMapStringA
HeapReAlloc
VirtualProtect
DeleteCriticalSection
GetSystemInfo
GetCurrentProcessId
WriteFile
CreateDirectoryExW
GetEnvironmentStringsW
TlsAlloc
GetModuleHandleA
LCMapStringW
GetLocaleInfoW
SetLocaleInfoA
SetLastError
GetLocaleInfoA
HeapDestroy
EnumSystemLocalesA
HeapCreate
MultiByteToWideChar
GetModuleFileNameW
GetStringTypeA
GetDiskFreeSpaceA
FormatMessageW
ExitProcess
GetTickCount
GetComputerNameW
WideCharToMultiByte
HeapFree
GetCPInfo
GetModuleFileNameA
GetUserDefaultLCID
LoadLibraryA
QueryPerformanceCounter
GetACP
VirtualAlloc
CreateMailslotA
EnterCriticalSection
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCommandLineA
GetFileType
GetStartupInfoA
TlsFree
WriteConsoleOutputCharacterW
IsValidCodePage
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetDateFormatA
DeleteFileW
GetCurrentThread
GetEnvironmentStrings
GetLastError
TransmitCommChar
TlsSetValue
SetEnvironmentVariableA
GetVersionExA
CommConfigDialogW
GetOEMCP
TlsGetValue
OpenMutexA
InitializeCriticalSection
VirtualFree
GetStdHandle
EnumResourceTypesA
InterlockedExchange
GetTimeFormatA
GetStringTypeW
FreeEnvironmentStringsW
SetHandleCount
CompareStringW
CompareStringA
LeaveCriticalSection
HeapSize
HeapAlloc

user32

ScrollWindow
TranslateAccelerator
GetWindowTextA

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f9b102944d43f5db068a7ca97752b6a

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 155KB - Virtual size: 154KB

.data Size: 273KB - Virtual size: 273KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 155KB - Virtual size: 154KB

.data
Size: 273KB - Virtual size: 273KB

.rsrc
Size: 15KB - Virtual size: 15KB