44865436b95915aab787f6e95554f55c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44865436b95915aab787f6e95554f55c_JaffaCakes118
Size

1.5MB
MD5

44865436b95915aab787f6e95554f55c
SHA1

68694abe3d076bc6a8b4b92c6d2f7cb03c282d0d
SHA256

cc238ea658038ee953d60eee8a87a7dbb4d494d69b07c3cc3258f4358552bf2c
SHA512

5e4f73ae7e65b0f806c5ff3930aff32329958fae17be0d913cfbf7cca3f15cad2a6b20e8dd52056cfe2831bca2819c82afb8a0fd4f1daaad09520129f27f6dab
SSDEEP

24576:rF0Lr6m6GiD0lDM1BPnVw52hmvkHpRzD4nIoGPkmjz3IJlNN22TIx9xPR7BAk5qw:rLpD0OBPV82hmvy5CIoQk1JlNNmFpPP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44865436b95915aab787f6e95554f55c_JaffaCakes118

Files

44865436b95915aab787f6e95554f55c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bed2764c794fa2843e23f3b9478b472c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetCurrentProcessId
GetStartupInfoA
ReadFile
LoadLibraryA
GetCurrentThreadId
HeapAlloc
WriteFile
SetThreadContext
WideCharToMultiByte
TlsAlloc
MultiByteToWideChar
GlobalAddAtomA
VirtualAlloc
GetOEMCP
GetFileType
TlsGetValue
FreeEnvironmentStringsA
IsBadWritePtr
VirtualQuery
GetStdHandle
GetLocaleInfoA
CompareStringA
MoveFileExA
GetModuleHandleA
TlsSetValue
GetCPInfo
GetProcAddress
GetModuleFileNameA
InterlockedExchange
CopyFileA
CreateDirectoryExA
GetTickCount
HeapSize
GetStartupInfoW
GetStringTypeW
GetVersionExA
LoadModule
QueryPerformanceCounter
FlushFileBuffers
GetTimeFormatA
LCMapStringA
GetEnvironmentStrings
ExitProcess
CloseHandle
HeapCreate
GetLocaleInfoW
OpenMutexA
LeaveCriticalSection
GetACP
RtlUnwind
SetStdHandle
GetStringTypeA
EnterCriticalSection
CompareStringW
GetCurrentThread
GetLastError
HeapDestroy
InitializeCriticalSection
HeapReAlloc
GetDateFormatA
EnumSystemLocalesA
GetCurrencyFormatA
CreateMutexA
GetEnvironmentStringsW
SetHandleCount
GetTimeZoneInformation
TerminateProcess
TlsFree
FileTimeToSystemTime
SetConsoleMode
GetNumberFormatW
GetCommandLineA
IsValidLocale
GetShortPathNameW
VirtualFree
HeapFree
DeleteCriticalSection
FreeEnvironmentStringsW
ReadConsoleOutputAttribute
LCMapStringW
SetLastError
VirtualProtect
IsValidCodePage
SetEnvironmentVariableA
GetCurrentProcess
GetSystemInfo
SetFilePointer

user32

LoadImageW
OpenDesktopA
ReplyMessage
DestroyCursor
CopyAcceleratorTableA
wsprintfW
WaitMessage
DdeQueryNextServer
TileWindows
GetTabbedTextExtentW
PackDDElParam
SetRectEmpty
SetClassWord
OemToCharBuffA
EndPaint
EnumClipboardFormats
RegisterClassExA
DrawMenuBar
DdeCmpStringHandles
SetThreadDesktop
MonitorFromRect
TabbedTextOutW
GetMessageW
GetKeyboardLayout
RegisterClassA
LookupIconIdFromDirectoryEx

comctl32

ImageList_DragLeave
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_Destroy

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bed2764c794fa2843e23f3b9478b472c

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 244KB - Virtual size: 253KB

.data Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 244KB - Virtual size: 253KB

.data
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 15KB - Virtual size: 15KB