4912276b84450748b7bde3fa87b17fee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4912276b84450748b7bde3fa87b17fee_JaffaCakes118
Size

1.1MB
MD5

4912276b84450748b7bde3fa87b17fee
SHA1

755613c4daf5386e153f8d93df51054ce291c2ab
SHA256

01a063982f06b9cbbac7433635b3c48746686b2dcbaf6030ad59390435a15ea0
SHA512

f6fc1688072a8fffed8cb670d8d6f711305079f4e5827adb19a1046ba47df5ff9e8ba1431b22e55a02b07af1b7c072b227aabc3cdb4ba6c746b8d1b67f7914cc
SSDEEP

24576:sSdFgUxL6imOFbq5Hvv/5mQEiZ8xAG0my:sAHZZmOavZmQaemy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4912276b84450748b7bde3fa87b17fee_JaffaCakes118

Files

4912276b84450748b7bde3fa87b17fee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

524ddb6e74157b4ee8b152e70b06e403

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdePostAdvise
EnumDisplayMonitors
GetMonitorInfoW
MapDialogRect
IsDialogMessageW
GetIconInfo
CopyIcon
DrawIconEx
CreateIcon
GetWindowLongW
OffsetRect
InvertRect
GetSysColorBrush
ScreenToClient
AdjustWindowRectEx
SetScrollRange
SetScrollPos
ReleaseDC
GetWindowDC
GetDC
GetMenuInfo
LoadAcceleratorsW
CheckRadioButton
IsIconic
DestroyWindow
DefWindowProcW
SendMessageW
DispatchMessageW
RegisterWindowMessageW
GetKeyboardLayout

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW

kernel32

GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
GetConsoleMode
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapFree
SetStdHandle
SetFilePointerEx
WriteConsoleW
RtlUnwind
CreateFileW
GetProcAddress
VirtualAlloc
GetCurrentProcessId
CreateFiberEx
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
GetFileType
GetFileSize
CloseHandle
GetLocalTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
lstrcmpiW
WriteFileGather
GetModuleHandleW
CompareStringW
GetLocaleInfoW
GetUserGeoID
GetThreadLocale
EnumSystemLocalesW
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TlsFree

shell32

SHGetFileInfoW
Shell_NotifyIconW
SHGetDesktopFolder

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

524ddb6e74157b4ee8b152e70b06e403

Headers

File Characteristics

Imports

user32

advapi32

kernel32

shell32

Sections

.text Size: 67KB - Virtual size: 67KB

.data Size: 1.0MB - Virtual size: 8.0MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 4KB - Virtual size: 4KB

.text
Size: 67KB - Virtual size: 67KB

.data
Size: 1.0MB - Virtual size: 8.0MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 4KB - Virtual size: 4KB