145c2413ae3541465035ebf8783c74be_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

145c2413ae3541465035ebf8783c74be_JaffaCakes118
Size

4.5MB
MD5

145c2413ae3541465035ebf8783c74be
SHA1

c0c46fd88d483e2a231615209135d8027d6ef7e4
SHA256

01aed2358f9335f4ad6e43b9fe5e5ba73c81f31ed978079b05967b554d67ae6b
SHA512

e5f92d72074685355ce9f4334652e384c6cfa104ea88e5914606a388ccb846ceefd27a2386ecacf3ca2a00e3e76a0b22d717eeb1626a38030418a42e5821fdd2
SSDEEP

98304:PW8jsJdpjPjItfUiPj56BK1UZjqNVh//kzr1I4nbnnfGvu7791u:PP4hPQMiL571imBk9I4njfGvu7x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
145c2413ae3541465035ebf8783c74be_JaffaCakes118

Files

145c2413ae3541465035ebf8783c74be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

175417b17995247ddfa05d1a982b042b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

traffic

TcEnumerateInterfaces
TcRegisterClient
TcOpenInterfaceW
TcDeregisterClient
TcQueryInterface
TcCloseInterface
TcQueryFlowW
TcEnumerateFlows

kernel32

GlobalMemoryStatusEx
GetTimeZoneInformation
GetModuleHandleW
GlobalLock
GetShortPathNameW
CreateSemaphoreW
GetUserDefaultUILanguage
IsBadWritePtr
GetPrivateProfileIntA
_lclose
WaitForSingleObject
TlsAlloc
ExitProcess
FindNextVolumeMountPointW
GetCommandLineW
HeapReAlloc
GetCurrentProcess
GetCurrentProcessId
AreFileApisANSI
GetCurrencyFormatW
VirtualAlloc
GetDiskFreeSpaceA

gdi32

SetROP2
MoveToEx
GetGlyphOutlineW
SetMetaFileBitsEx
SelectClipRgn
CreateDIBitmap
CloseFigure
CopyMetaFileA
GetDCOrgEx
ScaleViewportExtEx
SetGraphicsMode
ArcTo
ModifyWorldTransform
StrokePath
SetLayoutWidth
CreateBitmapIndirect
TranslateCharsetInfo

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 5KB - Virtual size: 655KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4.4MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbs
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

175417b17995247ddfa05d1a982b042b

Headers

File Characteristics

Imports

traffic

kernel32

gdi32

Sections

.text Size: 11KB - Virtual size: 10KB

.edata Size: 5KB - Virtual size: 655KB

.data Size: 4.4MB - Virtual size: 5.3MB

.tls Size: - Virtual size: 2KB

.textbs Size: 512B - Virtual size: 24B

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 1024B - Virtual size: 968B

.text
Size: 11KB - Virtual size: 10KB

.edata
Size: 5KB - Virtual size: 655KB

.data
Size: 4.4MB - Virtual size: 5.3MB

.tls
Size: - Virtual size: 2KB

.textbs
Size: 512B - Virtual size: 24B

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 1024B - Virtual size: 968B