Static task: static1
Behavioral task: behavioral1
Sample: 443e5cee426192b93d162433cb021205_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 443e5cee426192b93d162433cb021205_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 443e5cee426192b93d162433cb021205_JaffaCakes118
Size: 452KB
MD5: 443e5cee426192b93d162433cb021205
SHA1: 9cbb7cb17a195d5519456043b07f93130ac30de6
SHA256: 32fcd24d3e8be671e9d806fa58939965e413f09308b3c5f1ed051f8a56799773
SHA512: ebe1faca47f4f15820b85cd7822cac500c5f4cc60735855dc2344f42a2314b6125995b6a3e48add2e48431dc7fd3faec72ddfa6886fee5ecaf483f834d709cb0
SSDEEP: 6144:yThOgUGmF2eJx5Cn4fvbRFSxCAxp5d6+eIfVth+cRuqw4FlAHitZ+hy6WSyuDZI2:5n20C439FSoWPI+dgcRuqwP5uShxf+2
Malware Config
Signatures
Unsigned PE: 1 IoC
Checks for missing Authenticode signature.
resource 443e5cee426192b93d162433cb021205_JaffaCakes118
Files
443e5cee426192b93d162433cb021205_JaffaCakes118.exe windows:4 windows x86 arch:x86
7449db58728ba86b6d44a6e6d1877885
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareStringA
GetProcessHeap
HeapValidate
FillConsoleOutputAttribute
GetFileType
WritePrivateProfileStructW
HeapAlloc
TlsFree
MultiByteToWideChar
InterlockedDecrement
SetHandleCount
GetPriorityClass
VirtualFree
EnumSystemLocalesA
LCMapStringW
LeaveCriticalSection
WideCharToMultiByte
GetLocaleInfoW
GetModuleFileNameW
GlobalLock
IsValidLocale
GetACP
GetOEMCP
GetCPInfo
CreateNamedPipeA
GetStdHandle
SetEnvironmentVariableA
GetLocaleInfoA
GetProcAddress
OpenFileMappingW
GetLastError
Sleep
GlobalAddAtomW
FreeLibrary
GetDateFormatW
GetStringTypeA
VirtualQuery
InitializeCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
GetTimeFormatA
SetConsoleCtrlHandler
GetEnvironmentStringsW
HeapReAlloc
HeapSize
ExitProcess
GetPrivateProfileSectionNamesW
EnterCriticalSection
VirtualAlloc
TlsAlloc
QueryPerformanceCounter
GetCurrentProcess
GetVersionExA
GetModuleHandleA
GetCurrentThread
GetTimeZoneInformation
GetUserDefaultLCID
GetCurrentThreadId
IsValidCodePage
TlsSetValue
FreeEnvironmentStringsW
GetDateFormatA
GetCurrentProcessId
WriteFile
HeapCreate
FreeEnvironmentStringsA
LocalLock
GetTickCount
GetStartupInfoW
GetSystemTimeAdjustment
GetCommandLineW
LCMapStringA
InterlockedIncrement
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedExchange
HeapDestroy
UnmapViewOfFile
GetStringTypeExW
GetEnvironmentStrings
UnhandledExceptionFilter
GetStartupInfoA
GetStringTypeW
HeapFree
TerminateProcess
LoadLibraryA
GlobalFlags
SetLastError
TlsGetValue
CompareStringW
GetModuleFileNameA
advapi32
CryptContextAddRef
RegLoadKeyA
RegOpenKeyW
CryptEnumProvidersA
StartServiceW
CryptCreateHash
RegQueryValueW
LookupSecurityDescriptorPartsW
LookupAccountNameA
RegOpenKeyA
LookupPrivilegeValueA
LookupPrivilegeDisplayNameW
gdi32
CreateDIBitmap
ArcTo
GetMetaFileBitsEx
WidenPath
GetViewportExtEx
DeleteMetaFile
GetBrushOrgEx
GetDIBits
user32
LoadCursorA
CallWindowProcW
GetForegroundWindow
SetClassWord
SetDlgItemTextW
CheckRadioButton
GetKeyboardState
DdeAbandonTransaction
InflateRect
CloseWindow
SendNotifyMessageW
LoadMenuA
SetCursorPos
EnumWindowStationsA
SendInput
DialogBoxParamA
SetMenuItemInfoA
EnumPropsExA
EnableScrollBar
DefFrameProcA
CreateIconFromResourceEx
DdeGetLastError
Sections
.text Size: 174KB - Virtual size: 174KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 274KB - Virtual size: 274KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ