9fdcb59cc5e91d75ded481ce57a464a4_JaffaCakes118

General

Target

9fdcb59cc5e91d75ded481ce57a464a4_JaffaCakes118
Size

59KB
MD5

9fdcb59cc5e91d75ded481ce57a464a4
SHA1

a737d44254c05c5ef2d18f7304396ca6df43ef69
SHA256

4327bc1264c48c49a517b21ee0b5331187df8118c2dfe717d52080cbe5943750
SHA512

bca0a4bbf723511226fb181474745480ff4156f1adce079aa0a1bf709260be5c1453c8be9c3ec6ef9c7b3e0863fa79812378eb655d539c5e8f67ff3561cbbbe7
SSDEEP

768:V+ebhRBa+0RfQEx6/8qo4lUAjS0Nbpqd7nWfP1dzH3lfnSjzOnVNGpW:V+CLg+0qEXqo4Nj9zYnKP1hHJNDGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fdcb59cc5e91d75ded481ce57a464a4_JaffaCakes118

Files

9fdcb59cc5e91d75ded481ce57a464a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4939ade602499b56d9e97389cd2391f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CloseHandle
OpenMutexA
GetVersionExA
GetWindowsDirectoryA
WinExec
GetStringTypeA
LCMapStringW
GetModuleHandleA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
CreateProcessA
LCMapStringA
GetProcAddress
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetLastError
GetFileAttributesA
HeapAlloc
GetExitCodeProcess
WaitForSingleObject
GetStringTypeW

user32

SetTimer
DefWindowProcA
KillTimer
PostQuitMessage
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

GetStockObject

Exports

Exports

?SecWatchdogWindowProc@@YGJPAUHWND__@@IIJ@Z

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tleanbs
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4939ade602499b56d9e97389cd2391f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 38KB - Virtual size: 39KB

tleanbs Size: - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 38KB - Virtual size: 39KB

tleanbs
Size: - Virtual size: 4KB