f4d397a690b12ca47f083d5cb58dc631_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4d397a690b12ca47f083d5cb58dc631_JaffaCakes118
Size

32KB
MD5

f4d397a690b12ca47f083d5cb58dc631
SHA1

b498ea44042c06020f9e776a0c78ecb301285ac4
SHA256

6a10db0557ad2462c2000b64c76c518ec4c2284c1ce7d4520378e8c7bcc93c14
SHA512

4101fcfd9ce847675c47294e330636cfb2e72f774fd5739352ff54fb42487967249c9cbdfe6a80e7083340c0d4950ae8ef23466fa324221fb70d20b99202538e
SSDEEP

384:m4aAlooeQKLJP8L9TQzsIBj1StG64q9/THzNiaBkkHpX9cx1m6WyRV1:m4VlooeXP64jBgtV9saBLHlemZyj1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4d397a690b12ca47f083d5cb58dc631_JaffaCakes118

Files

f4d397a690b12ca47f083d5cb58dc631_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c2f11c6165cc9ba9dd167965ea4e954

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord537
ord535
ord1601
ord800
ord823
ord825

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
printf
_except_handler3
strcspn
strncpy
rand
wprintf
__CxxFrameHandler
wcscmp
sprintf
srand
??1type_info@@UAE@XZ
_CxxThrowException
fclose
fwrite
fopen
strstr

kernel32

CreateProcessA
GetTickCount
GetModuleFileNameA
Sleep
CreateMutexA
LocalFree
CloseHandle
WaitForSingleObject
GetLastError
GetStartupInfoA
GetModuleHandleA
ResumeThread
TerminateProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateThread

user32

SetActiveWindow
PostMessageA
SetThreadDesktop
RegisterWindowMessageA
EnumChildWindows
SendMessageTimeoutA
GetWindowTextA
GetClassNameA
SendMessageA
FindWindowExA
EnumWindows
wsprintfA
FindWindowA
CreateDesktopA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

ole32

CoInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysFreeString

urlmon

URLDownloadToFileA

iphlpapi

GetAdaptersInfo

oleacc

ObjectFromLresult

winmm

mixerGetLineInfoA
mixerGetLineControlsA
mixerGetNumDevs
mixerOpen
mixerGetDevCapsA
mixerSetControlDetails

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c2f11c6165cc9ba9dd167965ea4e954

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

urlmon

iphlpapi

oleacc

winmm

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB