Static task
static1
Behavioral task
behavioral1
Sample
44494b9f185a4ac277e09f8ed05c350f_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
44494b9f185a4ac277e09f8ed05c350f_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
44494b9f185a4ac277e09f8ed05c350f_JaffaCakes118
Size
364KB
MD5
44494b9f185a4ac277e09f8ed05c350f
SHA1
45c5f3aaebf0ee08c96a32e9c5f1dafd531eb982
SHA256
1d8810b9f4e565d39926c931ec4c6f97a4de028aaeab7f00d05b0faf50905d48
SHA512
1dcfc0d971aeb9e98389ccc10f61c2bb7cd0421845eb999f253e91b2cadb7f0127561957fa8b5f3ac43016b355eb160fc02a253c399034b76caef7119b8503e9
SSDEEP
6144:fQLHwAGKsO5dxYoPqa2HpByIQ6hxApa1R/4aCcRJphoHRYjDju3UboG9H3UcVBe:f6Q5Kxd7yPHaJYz4aCOsK/Sk8Gx3UEBe
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 44494b9f185a4ac277e09f8ed05c350f_JaffaCakes118
Files
44494b9f185a4ac277e09f8ed05c350f_JaffaCakes118.exe windows:4 windows x86 arch:x86
38665a2b2b22d37c300961cf98891044
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileAttributesW
SetEvent
LocalAlloc
InterlockedExchange
Sleep
InterlockedCompareExchange
FormatMessageW
lstrcpyW
lstrcatW
WritePrivateProfileStringW
UnmapViewOfFile
SystemTimeToFileTime
FileTimeToSystemTime
LoadLibraryW
GetProcAddress
GetComputerNameW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CreateFileMappingW
WaitForSingleObject
MapViewOfFile
CreateFileW
GetVolumeInformationW
DisableThreadLibraryCalls
GetThreadLocale
CreateMutexW
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
ReleaseMutex
DeleteFileW
LCMapStringW
CloseHandle
GetSystemTimeAsFileTime
WriteFile
lstrcmpiW
ExpandEnvironmentStringsW
GetFileAttributesW
CreateDirectoryW
LocalFree
IsBadWritePtr
IsBadReadPtr
MulDiv
GetModuleHandleA
FreeLibrary
lstrcmpW
TerminateProcess
InterlockedDecrement
VirtualProtect
lstrlenW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetCommandLineA
GetSystemTime
GetStartupInfoA
user32
LoadStringW
wvsprintfW
TranslateMessage
MsgWaitForMultipleObjectsEx
PeekMessageW
CharNextW
DispatchMessageW
CharToOemW
SetRect
ReleaseDC
GetDC
UnregisterClassA
SendMessageTimeoutA
wsprintfW
CreateDialogParamW
DefWindowProcW
KillTimer
SetTimer
advapi32
RegOpenKeyExW
RevertToSelf
RegDeleteValueW
RegDeleteKeyW
RegisterEventSourceW
CryptGenKey
ReportEventW
RegCreateKeyExW
RegQueryValueExW
GetLengthSid
IsValidSid
SetThreadToken
RegCloseKey
RegSetValueExW
RegCreateKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DeregisterEventSource
CopySid
CryptAcquireContextW
GetUserNameW
CryptDestroyKey
CryptReleaseContext
ImpersonateLoggedOnUser
gdi32
SelectObject
CreateFontIndirectA
SetBkMode
DeleteObject
CreateDIBSection
SetTextColor
ExtTextOutA
SetBkColor
GetSystemPaletteEntries
GetTextColor
DeleteDC
ole32
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoFreeUnusedLibraries
CoCreateGuid
CoCreateInstance
CoInitialize
CoUninitialize
rpcrt4
RpcStringFreeW
UuidCreate
UuidToStringW
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
__setusermatherr
__getmainargs
_acmdln
exit
_exit
_initterm
_amsg_exit
swprintf
wcstok
wcscpy
_XcptFilter
memset
_vsnprintf
iswxdigit
_wfullpath
fclose
fread
fseek
_CxxThrowException
ftell
_wfopen
_ui64tow
printf
wcslen
towupper
iswspace
memcpy
_except_handler3
free
sprintf
memmove
_onexit
__dllonexit
_adjust_fdiv
realloc
malloc
_waccess
_wsplitpath
wcstombs
_wtol
wcsncpy
Sections
.text Size: 64KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 284KB - Virtual size: 560KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ