44dc3f0b9a369a91699add7681712b9f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

44dc3f0b9a369a91699add7681712b9f_JaffaCakes118
Size

508KB
MD5

44dc3f0b9a369a91699add7681712b9f
SHA1

995f92f6bc2c89c1d189bbb1abfca29c2fca7146
SHA256

e3b60fe46c471044d46462de8b2dfda807d75b36dc0a6938b6cf20f554042018
SHA512

5283c6491ccad52675983475b13290db353cad518155b8ce7c315132d627431292c9f974e876becbc2867ca357a0fa82afbab197bfc5318641f15960b2a58b92
SSDEEP

3072:SFoXQy2iMAHzooXx5jPr2FiY4G4tHtFUpgTjo3fgFK3:SFHiMSphV2Fi5fHHi3vg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44dc3f0b9a369a91699add7681712b9f_JaffaCakes118

Files

44dc3f0b9a369a91699add7681712b9f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

42a4b707b82d821ddd45b6fcede7ea8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

r.4YM4qhCz5DavnCoPhjjx.pdb

Imports

msvcrt

malloc
fputc

user32

CallMsgFilterA
DrawStateA
GetDlgItemInt
DrawFrameControl
GetProcessWindowStation
GetCursorInfo

avifil32

AVIFileGetStream

winscard

SCardListReadersA

netapi32

NetLocalGroupAddMembers

winspool.drv

GetPrintProcessorDirectoryW
FindFirstPrinterChangeNotification

lz32

LZSeek

setupapi

CM_Get_Next_Log_Conf

advapi32

DeregisterEventSource
FileEncryptionStatusW

kernel32

GetDiskFreeSpaceA
GetPrivateProfileStringW
GetSystemWindowsDirectoryW
SetMailslotInfo
GetFileTime
GetModuleHandleA
GetNamedPipeClientProcessId
GetTickCount
GetVolumeInformationW
WriteProcessMemory
FreeEnvironmentStringsW
GetCurrentProcess
GetUserDefaultLangID
GetTimeFormatW
GetSystemPowerStatus
GetConsoleWindow
FillConsoleOutputAttribute

gdi32

GetClipRgn
Rectangle
GetCharWidth32A
FillRgn
GetCharacterPlacementA

winmm

timeGetTime

Sections

.text
Size: 480KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42a4b707b82d821ddd45b6fcede7ea8f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

avifil32

winscard

netapi32

winspool.drv

lz32

setupapi

advapi32

kernel32

gdi32

winmm

Sections

.text Size: 480KB - Virtual size: 478KB

.rdata Size: 8KB - Virtual size: 6KB

.rsrc Size: 12KB - Virtual size: 19KB

DATA Size: 4KB - Virtual size: 3KB

.text
Size: 480KB - Virtual size: 478KB

.rdata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 12KB - Virtual size: 19KB

DATA
Size: 4KB - Virtual size: 3KB