47213c0d56ecb4fadb4d48902f376a2e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47213c0d56ecb4fadb4d48902f376a2e_JaffaCakes118
Size

85KB
MD5

47213c0d56ecb4fadb4d48902f376a2e
SHA1

b71fcd4f6bf6595b8d89cd526618d4eda926e6d8
SHA256

4dbb89dd874f627147398789da8d1261e9cd18735b4ca424507865a42015f1d5
SHA512

025a82624b88096c3a9fcbce68310adad2af3f791354fc25a659748495fb11554c640d0ceb772ec89e6d3a3d3a87041ac4cb6276cfb599b38a5d8cabf1b7004b
SSDEEP

1536:+ezlhBDkOexwsyXyjCWCoHdlaWhTB2OcFcb7HZx8gvxrER:+ez79syeCroHzajFcfZx8gxE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47213c0d56ecb4fadb4d48902f376a2e_JaffaCakes118

Files

47213c0d56ecb4fadb4d48902f376a2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a5eba7000d8f904f616b31a362b9704

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Module32NextW
Module32FirstW
Process32NextW
Process32FirstW
DeviceIoControl
GetShortPathNameW
GetCurrentProcessId
DeleteFileW
CreateFileW
GetTempPathW
GetVersionExW
lstrlenA
MultiByteToWideChar
RemoveDirectoryW
FindClose
GetLastError
FindNextFileW
lstrcmpW
FindFirstFileW
CreateProcessW
DebugBreak
OutputDebugStringW
QueryDosDeviceW
WriteFile
LockResource
SizeofResource
LoadResource
FindResourceW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
InterlockedExchange
GetOEMCP
GetACP
LoadLibraryA
GetStringTypeW
GetStringTypeA
OpenProcess
GetCPInfo
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameW
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
TlsGetValue
SetLastError
HeapSize
TlsAlloc
TerminateProcess
Sleep
CreateToolhelp32Snapshot
Thread32First
Thread32Next
CloseHandle
InterlockedIncrement
lstrlenW
GetCurrentProcess
FlushInstructionCache
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
InterlockedDecrement
TlsSetValue
ExitProcess
GetVersion
GetStartupInfoW
GetModuleHandleA
WideCharToMultiByte
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection

user32

TranslateMessage
ShowWindow
PeekMessageW
DispatchMessageW
GetMessageW
GetSubMenu
CharNextW
wvsprintfW
EnableWindow
LoadStringW
PostQuitMessage
GetActiveWindow
DialogBoxParamW
SetWindowTextW
InvalidateRect
GetClassNameW
UpdateWindow
DestroyIcon
CharLowerW
GetWindowLongW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
GetSystemMetrics
LoadImageW
GetDlgItem
EndDialog
ClientToScreen
MonitorFromPoint
GetMonitorInfoW
TrackPopupMenu
PostMessageW
DestroyMenu
SendMessageW
EnumThreadWindows
IsIconic
SetForegroundWindow
IsWindowVisible
IsDialogMessageW
SetWindowLongW
DefWindowProcW
DestroyWindow
CreateDialogParamW
LoadMenuW

advapi32

OpenServiceW
RegCloseKey
RegOpenKeyExW
OpenSCManagerW
RegQueryValueExW
CreateServiceW
CloseServiceHandle
StartServiceW
DeleteService
ControlService

shell32

SHGetFolderPathW
ShellExecuteW
SHGetFileInfoW

ole32

CoCreateInstance
CLSIDFromProgID
CoInitialize
CoUninitialize

oleaut32

VariantCopy
SysAllocString
VariantClear

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Create

shlwapi

PathFileExistsW

psapi

GetModuleFileNameExW

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a5eba7000d8f904f616b31a362b9704

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

psapi

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 16KB - Virtual size: 16KB