4d14b6bce61f2f2dbe998a59e5fd79ff_JaffaCakes118

General

Target

4d14b6bce61f2f2dbe998a59e5fd79ff_JaffaCakes118
Size

192KB
MD5

4d14b6bce61f2f2dbe998a59e5fd79ff
SHA1

e984dc7ef97aadf221b27896740e3895aff3c68c
SHA256

cd4754269f3734f6cf878481d0580af385f5be4509114d52644ec5e0346cff7d
SHA512

8973e53e804f001e132305e55391290a78d5867c56eb6bbc69428bdec47c94210eb9175d30b0e799f1db7ebc3bed2ba64d139c2f1aa7a74f58127864f22958fd
SSDEEP

3072:gn7HjxitT73hJ3HX1CR20CRjjyYueJzDGXtGqqjXFZPNLkjZRsN7sI4oZ:Wji/HX1C9rdU1ZPNLEZRsN54

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d14b6bce61f2f2dbe998a59e5fd79ff_JaffaCakes118

Files

4d14b6bce61f2f2dbe998a59e5fd79ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f17d4de4d54bbaf70cf328e621df9b90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
DuplicateHandle
GetSystemTimeAsFileTime
GetFileSize
CreateDirectoryA
VirtualFree
GetModuleHandleA
GetProcAddress
TlsSetValue
QueueUserAPC
TlsGetValue
GetCurrentThread
TlsFree
CloseHandle
CreateEventA
TlsAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
Sleep
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize

user32

LoadIconA
LoadCursorA
EnumWindowStationsA
RegisterClassA
CreateWindowExA
MsgWaitForMultipleObjectsEx
PeekMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
PostMessageA
DestroyWindow

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f17d4de4d54bbaf70cf328e621df9b90

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 144KB - Virtual size: 141KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 144KB - Virtual size: 141KB