4d73ac671ba88a4d1bfe85dd54861afe_JaffaCakes118

General

Target

4d73ac671ba88a4d1bfe85dd54861afe_JaffaCakes118
Size

431KB
MD5

4d73ac671ba88a4d1bfe85dd54861afe
SHA1

3d843a58262cfc4649a0e15ec956d40266230820
SHA256

89d412e47c136800970f8497cf537fa3eac1503aa40c0bea42da3a2e532ac99a
SHA512

af2e21d382328ea4dadd4cf398c1de4476fa510696b9a69333636ac319a067c4d98ab5394777ad85dbb42bfd89637f86ba0b5883c9bcbbdba6c206e8533fff66
SSDEEP

12288:a8EP7BqK4TOZEULlGjfX2xnLto9A+4TKBhP:XO7N4T4LkQC9cTKBN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d73ac671ba88a4d1bfe85dd54861afe_JaffaCakes118

Files

4d73ac671ba88a4d1bfe85dd54861afe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e4e7732e62256e0d129637613509035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrcmpiW
GetSystemTime
LockFileEx
lstrcmpA
OpenWaitableTimerA
GlobalCompact
GetBinaryTypeA
GetModuleHandleW
GetStartupInfoW
FatalAppExitA
lstrcmpiA
GetModuleHandleA
ExitProcess
UpdateResourceW
GlobalHandle
Sleep
lstrlenW
lstrcmpW
VirtualAlloc
QueryDosDeviceW
VirtualFree
Thread32First
GetLocalTime

advapi32

RegOpenKeyW
BuildExplicitAccessWithNameW
GetSecurityInfo
GetUserNameA
OpenThreadToken
CryptEnumProvidersA
SetNamedSecurityInfoW
RegOpenKeyA
GetUserNameW
GetNamedSecurityInfoExA
ReadEventLogA
GetAuditedPermissionsFromAclA

gdi32

GetViewportExtEx
GetRgnBox
GetCharWidthW
DPtoLP
EndPage
SetBkMode
CombineRgn
RectVisible
GetBoundsRect

msvcrt

atexit
fgetwc
fabs
_wspawnle
__argc
is_wctype
longjmp
_nextafter
_ismbcupper
_getdiskfree
_mbctohira
_mbslen
_initterm
__getmainargs
_tzset
wcstod
_wexeclpe

user32

LockWindowStation
RegisterClassExA
SetCursorPos
FindWindowA
DefWindowProcA
IsWindowEnabled
CreateWindowExA
DragObject
TranslateAccelerator
IsWindowVisible
CharToOemBuffW
ChangeDisplaySettingsExA
WindowFromPoint
IMPSetIMEW
OemToCharBuffA
SetDlgItemInt
GetWindowModuleFileNameA

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wbuc
Size: 55KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.slwx
Size: 369KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e4e7732e62256e0d129637613509035

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

msvcrt

user32

Sections

.text Size: 5KB - Virtual size: 6KB

.wbuc Size: 55KB - Virtual size: 363KB

.slwx Size: 369KB - Virtual size: 622KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 6KB

.wbuc
Size: 55KB - Virtual size: 363KB

.slwx
Size: 369KB - Virtual size: 622KB

.reloc
Size: 1024B - Virtual size: 1KB