4284a3fcf639f37c2dff5bbf14bedba4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4284a3fcf639f37c2dff5bbf14bedba4_JaffaCakes118
Size

73KB
MD5

4284a3fcf639f37c2dff5bbf14bedba4
SHA1

76545f437fb6ef69434b70d07815a80deca0f353
SHA256

151cfc6e4133b95b8438eae68a9c3567fc9b11ae31dedcfda944782f6a39f06f
SHA512

1de629cd42c7a0d9e027c9051aaab48ccddbb8afc60041aa984975c2a674fe1e4070ed4133bf852fa846ac44b72943c44b31ad6c5c5bd7c3d6caa37a5388bcd4
SSDEEP

1536:S7Nn0QpgIktNUkrQtQ/n//HdKNXSolongxrpO+ogU0WeVWj:KNnFpgIktNUGR/3HOVlMgxrpO+onesj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4284a3fcf639f37c2dff5bbf14bedba4_JaffaCakes118

Files

4284a3fcf639f37c2dff5bbf14bedba4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45e1138d4c4c7584ab8049e841ac86ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenSCManagerW
OpenServiceW
SetEntriesInAclW
StartServiceW
SetSecurityDescriptorDacl
CloseServiceHandle
InitializeSecurityDescriptor
QueryServiceStatus
AllocateAndInitializeSid
GetUserNameW

gdi32

SetWindowExtEx
GetStockObject
SetViewportExtEx
ScaleViewportExtEx
DeleteDC
OffsetViewportOrgEx
SetViewportOrgEx

kernel32

Sleep
OpenFileMappingW
SetLocalTime
QueryDosDeviceW
GetDriveTypeW
WideCharToMultiByte
SetFileTime
OpenEventW
ReadFile
InterlockedIncrement
GetVolumeInformationW
FormatMessageW
GetSystemDirectoryW
GetFullPathNameW
FindResourceA
GetDateFormatW
SetUnhandledExceptionFilter
LocalAlloc
DeviceIoControl
GetPrivateProfileIntW
lstrlenA
GetDiskFreeSpaceExW
HeapReAlloc
CreateFileW
GetPrivateProfileSectionW
FormatMessageA
GetFileAttributesW
LocalReAlloc
GetCommandLineW
InterlockedExchange
SetCurrentDirectoryW
GlobalFree
GetWindowsDirectoryW
GetModuleFileNameW
FlushViewOfFile
BackupSeek
CreateMutexW
CreateSemaphoreW
lstrcmpW
GetStartupInfoA
IsBadStringPtrW
GetCurrentThreadId
GetTimeFormatW
CopyFileW
GetCurrentProcess
GetProcAddress
CreateDirectoryW
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapSize
LocalFree
GetLogicalDriveStringsW
InterlockedDecrement
QueryPerformanceCounter
GetExitCodeProcess
FreeLibrary
MultiByteToWideChar
lstrcmpiW
OpenMutexW
IsValidLocale
GlobalAlloc
WriteFile
GetProcessHeap
GetModuleHandleA
SetLastError
ExpandEnvironmentStringsW
GetModuleFileNameW
lstrlenW
GetTickCount
GetLastError
EnumDateFormatsW
GetPrivateProfileStringW
RaiseException
ReleaseMutex
SetThreadPriorityBoost
DeleteFileW
SetFilePointer
UnhandledExceptionFilter

ole32

CoUninitialize
GetRunningObjectTable
CoInitialize
CoCreateInstance
OleGetIconOfClass
CoTaskMemFree
CreateItemMoniker

user32

GetWindowInfo
IsHungAppWindow
RegisterClassExW
IsWindowVisible
IsDialogMessageW
GetWindowLongW
LoadStringW
CreateWindowExW
DestroyWindow
PostMessageW
SendMessageW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45e1138d4c4c7584ab8049e841ac86ce

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 3KB - Virtual size: 3KB

.rdata Size: 53KB - Virtual size: 55KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 3KB - Virtual size: 3KB

.rdata
Size: 53KB - Virtual size: 55KB