44c126b2a0c478fff80170c3b22342a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44c126b2a0c478fff80170c3b22342a7_JaffaCakes118
Size

352KB
MD5

44c126b2a0c478fff80170c3b22342a7
SHA1

d249ed4391dd61502ad8d7aa081842ad4253d7cb
SHA256

1f31035663f6ff438b0284a9bfd1aa7becfc46c31b09308b6a784f8e20bee5ff
SHA512

1e7833b8c83aaeee281721b2e34763ac79caa13847bd5230edcb86e020a255472eb1d452408a8e617028fa7773be6f6a1c2a12f956ec59d315081a51789e9768
SSDEEP

6144:iX9wgg9DY5uvnYG16XIsyuHU5AXVdDppmCdoDQfPykHE3G:G9wE5uw9XqUYMxpfWQfPD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44c126b2a0c478fff80170c3b22342a7_JaffaCakes118

Files

44c126b2a0c478fff80170c3b22342a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4526151ff677382fb3086fa6ad60c87f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

GetPriorityClipboardFormat
GetDoubleClickTime
GetSystemMenu
SetClassWord
IsCharUpperW
ChangeDisplaySettingsExA
CreateCursor
GetIconInfo
SetClassLongA
TranslateAcceleratorW
IsZoomed
RegisterClassA
InflateRect
ChildWindowFromPoint
RegisterClassExA
InvalidateRgn
TranslateMessage
LoadImageA
LoadImageW
UnhookWindowsHookEx

kernel32

LoadLibraryA
GetStringTypeW
ExitProcess
SetStdHandle
GetCurrentThreadId
EnumSystemLocalesA
HeapCreate
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
TlsAlloc
HeapReAlloc
CloseHandle
VirtualProtect
LeaveCriticalSection
GetSystemTimeAsFileTime
IsValidLocale
RtlUnwind
SetEnvironmentVariableA
GetTimeZoneInformation
IsValidCodePage
SetLastError
GetACP
DeleteCriticalSection
Sleep
GetStartupInfoW
TlsGetValue
HeapDestroy
InterlockedExchange
InitializeCriticalSection
GetModuleHandleA
HeapAlloc
GetLastError
FlushFileBuffers
CreateMutexA
GetStdHandle
GetStartupInfoA
LCMapStringW
GetEnvironmentVariableW
SetFilePointer
GetCurrentProcessId
GetLocaleInfoA
CompareStringW
GetCPInfo
SetHandleCount
MultiByteToWideChar
OpenMutexA
GetTickCount
VirtualFree
GetCurrentProcess
GetStringTypeA
GetModuleFileNameA
EnumDateFormatsA
GetSystemInfo
CompareStringA
GetOEMCP
SetConsoleCP
FreeEnvironmentStringsW
ReadFile
TerminateProcess
VirtualQuery
GetVersionExA
TlsSetValue
EnterCriticalSection
LCMapStringA
UnhandledExceptionFilter
WideCharToMultiByte
TlsFree
GetDateFormatA
IsBadWritePtr
GetCommandLineA
GetLocaleInfoW
GetModuleFileNameW
GetCurrentThread
GetTimeFormatA
VirtualAlloc
HeapSize
GetProcAddress
FreeEnvironmentStringsA
GetFileType
HeapFree
WriteFile
GetEnvironmentStrings
GetCommandLineW

shell32

SHFileOperationW
SheSetCurDrive
SHFileOperationA
DragQueryFileW
FreeIconList

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4526151ff677382fb3086fa6ad60c87f

Headers

File Characteristics

Imports

comctl32

user32

kernel32

shell32

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 8KB - Virtual size: 31KB

.data Size: 173KB - Virtual size: 172KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 8KB - Virtual size: 31KB

.data
Size: 173KB - Virtual size: 172KB

.rsrc
Size: 13KB - Virtual size: 12KB