b4719400cf9afc19c84a96ea5416dc0e_JaffaCakes118

General

Target

b4719400cf9afc19c84a96ea5416dc0e_JaffaCakes118
Size

82KB
MD5

b4719400cf9afc19c84a96ea5416dc0e
SHA1

5e0b3d3a962b2623e3608d2289d1dae5de62499f
SHA256

2921125b3ea232aecccf0e332e2a1417ba5b8ac95b9205f3a29f428810920dca
SHA512

a31f6e4226e1e32c799fadfe7601f9e77774e5677d3a47fa8f1c4a0972c8686b1d5d7c01dc74af3d5b404994fdae97bdf4041d88a60c901de3ab47046e32a4f1
SSDEEP

768:P3gFyta8z7xqdjQQs6PnPcKLPGl5BtVbGs+VulSf4GiJhKk2gBW0JlK3/MZ+wICG:BLqdj7gKDcBtBYW4k1DZIm5By+7DC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4719400cf9afc19c84a96ea5416dc0e_JaffaCakes118

Files

b4719400cf9afc19c84a96ea5416dc0e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fcb4fd42e750e4b86439c50049f6b2db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcess
OpenProcess
GetProcAddress
VirtualAlloc
LoadLibraryA
GetProcessId
GetModuleHandleA
DuplicateHandle
GetCurrentProcessId
GetLastError
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetModuleHandleW
Sleep
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
RaiseException
SetHandleCount
GetFileType
GetStartupInfoA
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
InitializeCriticalSection

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unp
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fcb4fd42e750e4b86439c50049f6b2db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 13KB

.unp Size: 12KB - Virtual size: 12KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 13KB

.unp
Size: 12KB - Virtual size: 12KB