846e53b4c57ad40f91ea20460693dd25_JaffaCakes118

General

Target

846e53b4c57ad40f91ea20460693dd25_JaffaCakes118
Size

524KB
MD5

846e53b4c57ad40f91ea20460693dd25
SHA1

54070beb952704195bf174ee2ceed314fb88b484
SHA256

83d51b53fcd224b71345737b426a2fc4467b01cb6d5128ac1057681056070978
SHA512

4908f282c00abe4b2d211ad89f21cb1456df5a7d4feed5cc3235bc318a01b25c1a2858eff228744b04eef30f653b64a956c85edd4af631b61b83f97ec16974a3
SSDEEP

12288:W2wiFH706DcdFOheLDgEb6rvVLcTLLpDP8LA+5VafTVMS1k:iidYiSF4eLMbrvQZDULhVEq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
846e53b4c57ad40f91ea20460693dd25_JaffaCakes118

Files

846e53b4c57ad40f91ea20460693dd25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e186ac84799487c1d799fba6972f944f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetStringTypeA
GetProcAddress
GetModuleFileNameA
SetEndOfFile
HeapSize
IsValidCodePage
WriteFile
GetCurrentDirectoryA
FreeLibrary
GlobalAlloc
GetCommandLineW
GetFileAttributesA
SetFilePointer
GetFileSize
GetConsoleMode
SetUnhandledExceptionFilter
GetFileAttributesW
HeapFree
GetStartupInfoA
SetStdHandle
VirtualAlloc
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e186ac84799487c1d799fba6972f944f

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 476KB - Virtual size: 476KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 476KB - Virtual size: 476KB

.rsrc
Size: 8KB - Virtual size: 4KB