46248d3879b378327453ce3a7c49b3f1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

46248d3879b378327453ce3a7c49b3f1_JaffaCakes118
Size

492KB
MD5

46248d3879b378327453ce3a7c49b3f1
SHA1

6ffbfe65c828147f96378ebea3bc5321491c7a18
SHA256

a28804f25241bf935b039d37703e95133b49b94887db49323104887350bf6c45
SHA512

73779928abd064d965a1bd5d6a6d9a4499ddc0c653c79e02d8dff2313337be0af6b2db238dc70c76a9843a4f275f09d9330b45e231a2f3a34c734bb642f19a6d
SSDEEP

3072:P+wZAY56yErPUdbvT8giktoOFMH82cAia5IOgeDtr4ww5djA:GwiYmDUdzT8NR58n0geDuJ5W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46248d3879b378327453ce3a7c49b3f1_JaffaCakes118

Files

46248d3879b378327453ce3a7c49b3f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba6862baa8a6c86df4257ff33f335167

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\clockwork\Desktop\Dev\Softmod\Loader\Release\Loader.pdb

Imports

kernel32

ResumeThread
GetFullPathNameA
GetCurrentDirectoryA
CloseHandle
ReadFile
GetLastError
CreateFileA
FlushInstructionCache
WriteProcessMemory
VirtualProtectEx
HeapFree
VirtualAllocEx
HeapAlloc
GetProcessHeap
GetProcAddress
LoadLibraryA
ReadProcessMemory
GetStdHandle
UnmapViewOfFile
IsBadReadPtr
MapViewOfFile
CreateFileMappingA
GetModuleFileNameA
CreateProcessA
WritePrivateProfileStringA
GetPrivateProfileStringA
SetEndOfFile
CreateFileW
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
SetStdHandle
GetFileType
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetVersionExA
GetStartupInfoA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
SetHandleCount
GetACP
GetOEMCP
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW

user32

LoadIconA
MessageBoxA

comdlg32

GetOpenFileNameA

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 348KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba6862baa8a6c86df4257ff33f335167

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comdlg32

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 142KB

.rsrc Size: 348KB - Virtual size: 346KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 142KB

.rsrc
Size: 348KB - Virtual size: 346KB