4190d90c04beb8e166ae4cf628102336_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4190d90c04beb8e166ae4cf628102336_JaffaCakes118
Size

99KB
MD5

4190d90c04beb8e166ae4cf628102336
SHA1

acccafbb00b1501361457cdb416b2f901bfe61c2
SHA256

298e20c29cb6da323943682d2ea4368ab8e1b1a590ee23559dd54ab081c99209
SHA512

94ad30ef8766ac80d781d4cdb5d16f0e409192f310caf016172498c087f5e57d8a08a0aa0e40eb84201cdfd99d26414e4f8969e5c7f64d26d3e485cb31f79fe0
SSDEEP

1536:zPpvda3b9cYBSIUF3JBug7ybH5VCC42sIQ5LG0lRTNei:TdGbWlI4FWrp/K5LG0lRTN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4190d90c04beb8e166ae4cf628102336_JaffaCakes118

Files

4190d90c04beb8e166ae4cf628102336_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7aedc68138e958be5e0e4df2b8f0bd66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
GetSystemDirectoryA
lstrlenA
SetSystemTime
GetSystemTime
WinExec
CreateFileA
GetCurrentProcess
lstrcatA
MultiByteToWideChar
lstrlenW
GetTempPathA
CopyFileA
MoveFileA
GetTickCount
DeleteFileA
CreateMutexA
WideCharToMultiByte
FreeLibrary
LoadLibraryA
OutputDebugStringA
VirtualProtectEx
InitializeCriticalSection
GetLastError
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
ReadProcessMemory
OpenProcess
VirtualAllocEx
VirtualFree
WriteProcessMemory
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
HeapSize
IsBadWritePtr
HeapReAlloc
HeapCreate
HeapDestroy
SetFilePointer
ReadFile
WriteFile
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
SetUnhandledExceptionFilter
LCMapStringW
GetModuleHandleW
GetProcAddress
WaitForSingleObject
GetExitCodeThread
CloseHandle
Sleep
CreateThread
GetComputerNameA
GetModuleFileNameA
LCMapStringA
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
GetTimeZoneInformation
RtlUnwind
ExitProcess

psapi

EnumProcessModules
GetModuleFileNameExA

user32

CreateWindowExA
EndPaint
BeginPaint
DestroyWindow
DefWindowProcA
GetWindowThreadProcessId
SendMessageA
GetClassNameA
GetDlgItem
PostQuitMessage
RegisterWindowMessageA
RegisterClassExA
GetWindowTextA
GetKeyState
EnumChildWindows
SendMessageTimeoutA
MessageBoxA
GetForegroundWindow
wsprintfA
LoadStringA
GetMessageA
LoadCursorA

advapi32

RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegCloseKey

ole32

CoInitialize
CoUninitialize

oleaut32

VariantClear
VariantInit
SysFreeString

urlmon

URLDownloadToFileA

Exports

Exports

DllCreatePinboardInstance
__NewGetMxd
__NewIeInfo

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7aedc68138e958be5e0e4df2b8f0bd66

Headers

File Characteristics

Imports

kernel32

psapi

user32

advapi32

ole32

oleaut32

urlmon

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 4KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 4KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB