Static task: static1
Behavioral task: behavioral1
Sample: 04613be106e046144c9b3fd39d119d31_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 04613be106e046144c9b3fd39d119d31_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: 04613be106e046144c9b3fd39d119d31_JaffaCakes118
Size: 407KB
MD5: 04613be106e046144c9b3fd39d119d31
SHA1: c59ebf93f2b3c350d725d0760b1a3195280fa191
SHA256: c45a0a22acdc9650d24f16a1ed47a5faa4d3b2440aed7902b96fc2246590ac55
SHA512: 279e190f2dba4e55d4ccb02eaae6dc039973245a16d3f1a0243e82e291cf06a6b14d45be6ba94599b8a506f8207cf94ddf774cbd539471cfcc90b0773450564d
SSDEEP: 6144:d5UQe/xLqmA3QCBb/PhtoXYaDVJ4rybKPCVPo6CRBEVuNtTO8oIeipViaU9lXyi:pepL3Gd2YaDVJ4GbKpPN4Zl4YaUii
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 04613be106e046144c9b3fd39d119d31_JaffaCakes118
Files
04613be106e046144c9b3fd39d119d31_JaffaCakes118.exe windows:4 windows x86 arch:x86
725674fb721e0c8cf6373ff91701ceb7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetGlyphOutlineA
TextOutW
SelectObject
CreatePenIndirect
SetBitmapBits
GdiSetBatchLimit
GetDeviceGammaRamp
GetBitmapBits
kernel32
GetOEMCP
GetCurrentProcess
IsBadWritePtr
HeapDestroy
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
LCMapStringA
GetStdHandle
WriteFile
LoadResource
GetEnvironmentStrings
GetProcAddress
ExitProcess
GetFileType
GetEnvironmentStringsW
LeaveCriticalSection
HeapCreate
GetCurrentThreadId
GetStringTypeW
EnumResourceTypesA
RtlUnwind
GetTickCount
LCMapStringW
SetHandleCount
GetStringTypeA
EnterCriticalSection
InitializeCriticalSection
InterlockedCompareExchange
HeapFree
InterlockedExchange
TlsSetValue
WideCharToMultiByte
QueryPerformanceCounter
VirtualFree
MultiByteToWideChar
SetFileAttributesA
GetCurrentProcessId
TerminateProcess
GetFileAttributesW
TlsAlloc
TlsGetValue
SetLastError
GetCommandLineA
VirtualQuery
HeapReAlloc
VirtualAlloc
GetStartupInfoA
LoadLibraryA
GetLastError
GetModuleHandleA
UnhandledExceptionFilter
GetModuleFileNameA
GetCPInfo
GetACP
DeleteCriticalSection
HeapAlloc
TlsFree
GetCurrentThread
GetVersion
FreeEnvironmentStringsW
wininet
ShowClientAuthCerts
InternetConnectW
user32
SetDeskWallpaper
SetWindowWord
GetUserObjectInformationA
DdeInitializeA
LoadAcceleratorsA
GetNextDlgGroupItem
DdeCreateStringHandleW
EmptyClipboard
SetMenuItemInfoW
MessageBoxExA
GetCapture
SetScrollRange
GetMenuBarInfo
SetWindowLongW
ValidateRect
CharToOemW
UnregisterClassW
OpenInputDesktop
PackDDElParam
InSendMessageEx
comdlg32
ReplaceTextW
advapi32
RegSetValueW
LookupPrivilegeDisplayNameA
CryptHashSessionKey
CryptSetProviderA
LookupAccountNameW
CryptEnumProviderTypesA
Sections
.text Size: 118KB - Virtual size: 117KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 276KB - Virtual size: 275KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ