50a808084f46d645b2c15b856ddf3db1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

50a808084f46d645b2c15b856ddf3db1_JaffaCakes118
Size

1.2MB
MD5

50a808084f46d645b2c15b856ddf3db1
SHA1

fade2a2da7ff240d58d8e48ed60d1c0d6f318554
SHA256

23a4dc2495d86225e671482da2706709bc80d59b9465e4c14fe5fda64c34ff35
SHA512

92cd70a7544b261bfd242c7edf8c8bdb872f0cca139fae6b943671a37381cb70831f3fb4c518f729b0ec15745f214ddaf6161aac24cec78004b4f1b9edc574c4
SSDEEP

12288:rRPln82x3SEHNczUAyTbaOtkcsMc3UBjghVL7+AfGiJESDK7reICRDvRrAGaJpKS:9jhSsN+UZaODs6jCfZJPDK7XaDZrAGat

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50a808084f46d645b2c15b856ddf3db1_JaffaCakes118

Files

50a808084f46d645b2c15b856ddf3db1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d16e9073428f2b62f9f02cb3a3d2a3e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Or\Or\Your\Software.pdb

Imports

kernel32

FindNextFileW
FindFirstFileW
MoveFileW
DeleteFileW
TlsAlloc
GetFileAttributesExW
GetModuleFileNameW
GetFileAttributesW
GetCommandLineW
VerSetConditionMask
VerifyVersionInfoW
GetStdHandle
GetFileType
SetLastError
GetConsoleOutputCP
GetModuleHandleA
Sleep
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
DisableThreadLibraryCalls
GetVersionExW
CreateEventW
CloseHandle
SetEvent
WaitForSingleObject
GetProcessHeap
TlsFree
InterlockedIncrement
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
SetThreadPriority
IsProcessorFeaturePresent
DebugBreak
QueryPerformanceFrequency
MulDiv
HeapAlloc
InterlockedCompareExchange
CreateEventA
WideCharToMultiByte
OutputDebugStringA
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetVersion
LocalAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
SystemTimeToFileTime
GlobalMemoryStatus
GetConsoleAliasExesLengthW
AddConsoleAliasW
GetLocalTime
CreateFileW
SetFilePointerEx
TlsSetValue
FreeLibrary
OutputDebugStringW
GetStartupInfoA
CreateFileA
ExitProcess
CreateDirectoryExW
HeapFree
ExitThread
GetConsoleAliasesW

user32

EnumDisplayMonitors
FillRect
GetDC
GetDesktopWindow
EnumDisplaySettingsW
InvalidateRect
EnumDisplayDevicesW
IsIconic
MapWindowPoints
MonitorFromWindow
DefWindowProcW
SetForegroundWindow
SetWindowLongW
MonitorFromRect
GetForegroundWindow
GetWindowRect
RegisterClassW
CreateWindowExW
IsWindow
CharNextA
LoadStringW
IntersectRect

advapi32

IsTextUnicode
RegCloseKey
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoTaskMemFree
PropVariantCopy
CoCreateInstance
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries

msvcrt

malloc
free

winmm

timeBeginPeriod
timeEndPeriod

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d16e9073428f2b62f9f02cb3a3d2a3e3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

msvcrt

winmm

Sections

.text Size: 120KB - Virtual size: 118KB

.idata Size: 8KB - Virtual size: 4KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 108KB - Virtual size: 2.7MB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 120KB - Virtual size: 118KB

.idata
Size: 8KB - Virtual size: 4KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 108KB - Virtual size: 2.7MB

.rsrc
Size: 32KB - Virtual size: 28KB