4d80a8195fc2f98fc5f557a13e540cf8_JaffaCakes118

General

Target

4d80a8195fc2f98fc5f557a13e540cf8_JaffaCakes118
Size

245KB
MD5

4d80a8195fc2f98fc5f557a13e540cf8
SHA1

1eb599d9a29d4a7482a9f944a41ec97ba1261a1e
SHA256

f87ebb90b93e825ef5076c5fa388a07eb6786b7816b471e109f57b70f4ddb78b
SHA512

f2082758632e39ce61fb22cb9c191a56a01c23f95d5fbf51ca139c92dfc1490278a2d4987bb12149e9b1a077460b34b1c15ff9df00dc88fe1d4175975bce6780
SSDEEP

6144:UA4nSepKnK7b+1Czdh3/0VZ494C78ELJfdjy:D4nVoKvDzz8VvgJF1jy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d80a8195fc2f98fc5f557a13e540cf8_JaffaCakes118

Files

4d80a8195fc2f98fc5f557a13e540cf8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d7fd5f0305d56f38ebf19d32f07c6e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExW
InvalidateRgn
PostMessageW
UpdateWindow
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
PostQuitMessage
SetWindowPos
MapDialogRect

kernel32

GetLogicalDriveStringsA
SetUnhandledExceptionFilter
QueryPerformanceCounter
CreateFileA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
TerminateProcess
UnhandledExceptionFilter
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
HeapReAlloc
GetTimeZoneInformation
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LCMapStringA
LCMapStringW
GetStringTypeA

oleaut32

DispGetIDsOfNames
OleLoadPicture
QueryPathOfRegTypeLib
GetErrorInfo
SetErrorInfo
VariantClear
SysReAllocStringLen

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

shlwapi

PathFindExtensionA

Sections

.text
Size: 117KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d7fd5f0305d56f38ebf19d32f07c6e9

Headers

File Characteristics

Imports

user32

kernel32

oleaut32

advapi32

shlwapi

Sections

.text Size: 117KB - Virtual size: 204KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 124KB - Virtual size: 124KB

.reloc Size: 512B - Virtual size: 242B

.text
Size: 117KB - Virtual size: 204KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 124KB - Virtual size: 124KB

.reloc
Size: 512B - Virtual size: 242B