4378f55a4300857ebe3e4c74256944ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4378f55a4300857ebe3e4c74256944ef_JaffaCakes118
Size

423KB
MD5

4378f55a4300857ebe3e4c74256944ef
SHA1

5c3b08b29b0b07d061a83186a8e88b5975030245
SHA256

c9f148e938a55f8b1ff23c7db0081e93c5f666b642521f602f7f89b4d64dcd14
SHA512

6dee8bc0a7416380373b5cda741ebd7358b5bf2001012229237fe36a395cc9ede8b6c85393b374bdc0016e4ee36f52795c0ae8ea8fb6da919700ef29810456d5
SSDEEP

12288:ZWNziYgBAV/X/bDoNAJwzGMy2ka0ONXdA/606:2ziYga/vbmIwzGtONKq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4378f55a4300857ebe3e4c74256944ef_JaffaCakes118

Files

4378f55a4300857ebe3e4c74256944ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5f299abec49d0955d54e6f15b544554

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyIcon
AppendMenuA
CloseClipboard
EndDeferWindowPos
DdeSetUserHandle
CharNextA
GetDC
DdeNameService
GetClipCursor
DlgDirListComboBoxA
CharLowerBuffA

msvcrt

iswxdigit
__threadhandle
_atoldbl
sprintf
_jn
_outpw
_filelength
_findfirsti64
_safe_fdiv
localtime
_gmtime64
remove
_lseek
strxfrm
_kbhit
_acmdln
_chdir
_ismbcsymbol
_locking
toupper
setvbuf
strpbrk
ispunct
_wcsicoll
_CIasin
_CIsinh
_getdiskfree
_CIcosh
strerror
iswdigit
_getsystime
_rmdir
_gcvt
__RTtypeid
atexit
__wargv

gdi32

CreateMetaFileW
SetMapMode
SetDIBitsToDevice
GetSystemPaletteUse
FillPath
GdiGetBatchLimit
AnimatePalette
CreatePalette
TextOutA
GetMetaFileBitsEx
GetEnhMetaFileBits
CheckColorsInGamut
GetCurrentObject
GetMiterLimit
SetGraphicsMode
GetMetaRgn
GetStockObject
GetPixelFormat
SetICMProfileA
SelectClipRgn
CreateDIBSection
BeginPath
GetClipBox

advapi32

EqualSid
ImpersonateSelf
GetServiceDisplayNameW
RegEnumKeyExW
RegReplaceKeyW
GetTrusteeTypeW
BuildExplicitAccessWithNameA
BackupEventLogW
RegDeleteValueW
NotifyChangeEventLog
BuildTrusteeWithSidW
GetSecurityInfoExA
PrivilegedServiceAuditAlarmA
GetCurrentHwProfileW
GetTokenInformation
SetEntriesInAuditListA

kernel32

CreateHardLinkA
ExitVDM
Toolhelp32ReadProcessMemory
ExitProcess
GetModuleHandleA
GetDefaultCommConfigW
FindAtomW
GetLogicalDriveStringsA
GetPrivateProfileStringW
ReadProcessMemory
GetLocalTime
lstrcatA
VirtualFree
VirtualAlloc
EnumDateFormatsA
DebugBreak
MapViewOfFile
WriteProfileStringW
FileTimeToSystemTime
GetDateFormatW
LeaveCriticalSection
GetPrivateProfileStructA
GetCommandLineA
OpenSemaphoreA
GetDefaultCommConfigA
LocalFree
GetWindowsDirectoryW
_lwrite
GetConsoleCommandHistoryA
SetCommMask
PurgeComm
UpdateResourceA
GetNumberOfConsoleInputEvents
GetStartupInfoA
GetVersion
GetHandleInformation
GlobalLock
VirtualAlloc
lstrcmpiW
lstrlenW
Sleep
FreeLibrary
GetNumberFormatW
WaitNamedPipeA

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qtc
Size: 189KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sea
Size: 187KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qnbn
Size: 38KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5f299abec49d0955d54e6f15b544554

Headers

File Characteristics

Imports

user32

msvcrt

gdi32

advapi32

kernel32

Sections

.text Size: 7KB - Virtual size: 8KB

.qtc Size: 189KB - Virtual size: 228KB

.sea Size: 187KB - Virtual size: 337KB

.qnbn Size: 38KB - Virtual size: 398KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 8KB

.qtc
Size: 189KB - Virtual size: 228KB

.sea
Size: 187KB - Virtual size: 337KB

.qnbn
Size: 38KB - Virtual size: 398KB

.reloc
Size: 1024B - Virtual size: 1KB