046944a0897d31a5b830d012446a6fe2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

046944a0897d31a5b830d012446a6fe2_JaffaCakes118
Size

588KB
MD5

046944a0897d31a5b830d012446a6fe2
SHA1

74d22d8a3e10ff5980fce9cdd139babfb95236fd
SHA256

a2fbde90cf3e583d392f2dd457be2c1360e12a5873411f11158e4e3f5962d17d
SHA512

31d3591711062d967d3866a2cd50fc0b4f27cbfa0461f8d6eb62f60f5530178c06fd263463d47f85321d3ebd579b35d9fb988612e5bf5a56c3660a86db2cba08
SSDEEP

12288:LJzFY0LoVqqc1RbA9Ik2jYjMtSQbnTvBUJlV0/+m9:LJ5YdV01Rbw2jHt7nCXFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
046944a0897d31a5b830d012446a6fe2_JaffaCakes118

Files

046944a0897d31a5b830d012446a6fe2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccca4f09930e229bf7f8634fde090653

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
LCMapStringA
UnhandledExceptionFilter
FreeLibrary
GetProfileStringA
GetWindowsDirectoryA
ReadFile
SetUnhandledExceptionFilter
SetEnvironmentVariableA
GetLocaleInfoA
IsDebuggerPresent
CloseHandle
GetDateFormatA
EnumSystemLocalesA
GetProcAddress
CreateMutexA
GetACP
WideCharToMultiByte
GetStdHandle
ExitProcess
GetStartupInfoA
TlsAlloc
DeleteCriticalSection
WriteFile
Sleep
GetFileType
LeaveCriticalSection
WriteConsoleA
FreeEnvironmentStringsA
WriteConsoleW
VirtualAlloc
WaitForDebugEvent
TerminateProcess
HeapFree
GetLastError
GetEnvironmentStrings
MultiByteToWideChar
GetVersionExA
TlsSetValue
GetConsoleOutputCP
GetTimeFormatA
GetStringTypeW
CreateFileA
GetConsoleCP
GetCurrentThread
GetConsoleMode
GetTickCount
GlobalLock
lstrcmpW
OpenMutexA
GetCurrentProcessId
TlsGetValue
TlsFree
GetCurrentProcess
SetFilePointer
FlushFileBuffers
HeapAlloc
HeapCreate
GetLocaleInfoW
HeapSize
LocalAlloc
GetModuleFileNameA
InterlockedIncrement
InitializeCriticalSection
RtlUnwind
SetLastError
SetStdHandle
SetHandleCount
VirtualFree
FileTimeToLocalFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
LoadLibraryA
IsValidCodePage
InterlockedDecrement
QueryPerformanceCounter
GetCurrentThreadId
GetCommandLineA
EnterCriticalSection
CompareStringW
HeapDestroy
GetProcessHeap
GetModuleHandleA
SetConsoleCtrlHandler
HeapReAlloc
VirtualQueryEx
GetTimeZoneInformation
GetCPInfo
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetStringTypeA
LCMapStringW
VirtualQuery
GetOEMCP
InterlockedExchange
IsValidLocale

wininet

FtpCommandW

comctl32

InitMUILanguage
ImageList_GetIconSize
ImageList_DragEnter
ImageList_Replace
CreatePropertySheetPage
ImageList_SetOverlayImage
ImageList_AddIcon
CreateToolbar
ImageList_DrawEx
CreateMappedBitmap
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_DragShowNolock

user32

LoadCursorFromFileW
CreateWindowExW
GetClassLongA
IsCharUpperA
DestroyWindow
RegisterClassA
LookupIconIdFromDirectory
CreateMDIWindowW
SetWindowLongA
OpenClipboard
EnumDesktopsA
TranslateMessage
SetSysColors
DdeInitializeW
CharLowerBuffA
DdeNameService
DefWindowProcA
SetCursor
DdeClientTransaction
GetPropW
OpenDesktopA
ShowWindow
TranslateAcceleratorW
SetDoubleClickTime
CheckDlgButton
SendNotifyMessageA
SetRect
DrawStateA
MessageBoxA
SetClipboardData
SetDlgItemTextW
GetUserObjectSecurity
EnumDisplaySettingsExA
DefMDIChildProcW
GetClassNameW
LoadImageW
RegisterClassExA

gdi32

SetICMProfileA
Pie
GetBkMode

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccca4f09930e229bf7f8634fde090653

Headers

File Characteristics

Imports

kernel32

wininet

comctl32

user32

gdi32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 112KB - Virtual size: 119KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 112KB - Virtual size: 119KB

.rsrc
Size: 48KB - Virtual size: 45KB