445c4e6b4b73915bd44ad587223e8a49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

445c4e6b4b73915bd44ad587223e8a49_JaffaCakes118
Size

119KB
MD5

445c4e6b4b73915bd44ad587223e8a49
SHA1

7c2c820e1fa996a8e44052ed11ade933d27b076d
SHA256

0e4d412e2052830ba2d5da9710b74e63fad1607a9c91907d115126199bdbe222
SHA512

7508e5a1d364b9f220a4e631a4060fb60d9304379b7b33689b035532dff2ecea4216facea88288f62d7be4c4c07d7fd1243c1c87cfbf2b8c9218b8a971156456
SSDEEP

1536:U6+Wj5fABXNtgQByGo7WUdURv0ttMOhQ6Dd8sNhBGDxsJCo+78CSNQpkHx1h:U6+s5mXDXymUoAtMoQ6DtECJC57c3N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
445c4e6b4b73915bd44ad587223e8a49_JaffaCakes118

Files

445c4e6b4b73915bd44ad587223e8a49_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ae46ad896b85f44d9211e2b1c353dda4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
LoadLibraryA
GetSystemTimeAsFileTime
GetVersionExA
GetModuleHandleW
HeapAlloc
EnterCriticalSection
LoadLibraryW
GetCurrentThreadId
GetStartupInfoA
FreeLibrary
TerminateProcess
Sleep
HeapFree
InterlockedIncrement
GetSystemTimeAsFileTime
VirtualFree
MultiByteToWideChar
GetTickCount
VirtualAlloc
LocalFree
LoadLibraryA
TerminateProcess
Sleep
GetCommandLineW
ExitProcess
WriteFile
GetStartupInfoA
GetModuleHandleA
WaitForSingleObject
GetSystemTimeAsFileTime
CloseHandle
InterlockedIncrement
LocalAlloc
SetFilePointer
CreateThread
SetLastError
GetCurrentProcess
GetCurrentProcess
MultiByteToWideChar
GetTickCount
GetModuleHandleW
InterlockedIncrement
GetVersionExA
DeleteCriticalSection
lstrcmpiW
GetLastError
MultiByteToWideChar
EnterCriticalSection
GetModuleHandleW
GetCurrentProcess
LoadLibraryW
GetModuleHandleA
GetACP
GetSystemTimeAsFileTime
GetCommandLineA
lstrcmpiW
GetCurrentThreadId
FreeLibrary
HeapDestroy
ExitProcess
ExitProcess
GetCurrentThreadId
WideCharToMultiByte
HeapFree
GetStartupInfoA
GetCurrentProcess
GetCommandLineW
GetCommandLineW
HeapAlloc
VirtualFree
TerminateProcess
LoadLibraryW
GetVersionExA
ReadFile
TerminateProcess
GetCurrentThreadId
GetTickCount
GetModuleHandleW
ReadFile
InterlockedDecrement
Sleep
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
VirtualAlloc
GetTickCount
LeaveCriticalSection
VirtualAlloc
FreeLibrary
GetModuleHandleA
HeapAlloc
UnhandledExceptionFilter
LoadLibraryA
SetLastError
HeapFree
SetFilePointer

Sections

.text
Size: 109KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ae46ad896b85f44d9211e2b1c353dda4

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 109KB - Virtual size: 128KB

.idata Size: 2KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.data Size: 3KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 109KB - Virtual size: 128KB

.idata
Size: 2KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 4KB