4bf7627ea2c0855878b99352d915ed70_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4bf7627ea2c0855878b99352d915ed70_JaffaCakes118
Size

976KB
MD5

4bf7627ea2c0855878b99352d915ed70
SHA1

06ec847af7266df68409d7dd1f33e4102d7ea9cc
SHA256

4ee124ceb3d69ff8e8c398912234f7aed5ae20f8b35c0d208ce86f2f7d61a664
SHA512

414f846951b6b64cd1614355200b245a5facb3449c271005375e1373c8a5ea3760e71b0ce6156863575f6857c2842d5a97d92cb058defdd2d705aaf927a6f499
SSDEEP

24576:rF9hCh/PRwgh1C4L9vRVt4++xPkjOqZRQIU:JDChRpCg1tmxPgOdIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bf7627ea2c0855878b99352d915ed70_JaffaCakes118

Files

4bf7627ea2c0855878b99352d915ed70_JaffaCakes118
.exe windows:5 windows x86 arch:x86

454cc0b9c1959b567bfca39456008c3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalLock
GlobalUnlock
VirtualAlloc
GetCurrentProcess
ExitProcess
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
GetSystemTime
GetModuleFileNameW
CreateProcessW
GetStartupInfoW
IsValidCodePage
GetModuleHandleW

msvcrt

_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit

setupapi

SetupOpenFileQueue
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoListExW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDriverInfoW
SetupDiGetSelectedDriverW
SetupDiGetClassDevsW
SetupDiCallClassInstaller
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceInstallParamsW
SetupDiGetActualSectionToInstallW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status
CM_Locate_DevNodeW
SetupFindNextLine

user32

BeginDeferWindowPos
IsIconic
GetDlgItemInt
CharPrevW
GetKeyboardType
IsWindowEnabled
DestroyMenu
GetClientRect
ShowCursor
EqualRect
DrawIconEx
SendMessageTimeoutW

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bb5ys
Size: 598KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.62830m
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

454cc0b9c1959b567bfca39456008c3b

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

user32

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 7.3MB

.bb5ys Size: 598KB - Virtual size: 597KB

.62830m Size: 347KB - Virtual size: 346KB

.rsrc Size: 8KB - Virtual size: 9KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 7.3MB

.bb5ys
Size: 598KB - Virtual size: 597KB

.62830m
Size: 347KB - Virtual size: 346KB

.rsrc
Size: 8KB - Virtual size: 9KB