44c9df85758edc6893bce054eb45c712_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44c9df85758edc6893bce054eb45c712_JaffaCakes118
Size

135KB
MD5

44c9df85758edc6893bce054eb45c712
SHA1

43d490d3840cc13566210d5c310a5af8348c1270
SHA256

b26c96268a4f848c452989d58a12ddb740dab393d2badd4e4903165814c4bc37
SHA512

c11d4a872a95ade672a8e751f143bd2d0241def3b07189b12cb5cf4ee7b4a818e79946bc7f68fb030db90f93767421ef82fb787cb5942785b8a7b4825c8278a8
SSDEEP

3072:jW3ebie19V5kuGZY2dfacCKytJpTmp5j3PF9a8MDLBzAoTv5LVc:jWy5Y9dfaNKwJpTudkHBzAoTpq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44c9df85758edc6893bce054eb45c712_JaffaCakes118

Files

44c9df85758edc6893bce054eb45c712_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bea960e14e4fdae697d5b1cc2b5074dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_controlfp
_adjust_fdiv
time
_XcptFilter
wcslen
log10
__p__fmode
fputs
__getmainargs
strchr
__set_app_type
exit
isdigit
cos
wcsncpy
__setusermatherr
_except_handler3
_acmdln
isspace
__p__commode
_initterm

kernel32

GetStringTypeW
SetLastError
DeviceIoControl
InterlockedCompareExchange
VirtualProtect
GetModuleHandleA
GlobalReAlloc
MultiByteToWideChar
GetVersion
GetStartupInfoA

gdi32

GetCurrentObject
PolylineTo
GetTextExtentPointW
GetTextFaceA
CopyEnhMetaFileA
FrameRgn
Polyline
CreateFontIndirectW
AddFontResourceA
SetROP2
CreateDCA
SetDIBitsToDevice
CreateHatchBrush
ExtTextOutW
CreateSolidBrush

ole32

OleUninitialize
CoSetProxyBlanket
CoCreateGuid
CoGetMalloc
CreateStreamOnHGlobal
RevokeDragDrop
OleFlushClipboard
CoGetInterfaceAndReleaseStream
OleSetMenuDescriptor

advapi32

RegQueryInfoKeyW
DeleteService
RegCloseKey
RegOpenKeyExA
SetSecurityDescriptorDacl
OpenServiceA
ControlService

comctl32

ImageList_BeginDrag
ImageList_LoadImageA
ImageList_GetIconSize
InitializeFlatSB
ImageList_AddMasked
ImageList_Destroy
ImageList_DragLeave
ImageList_Remove
ImageList_Add
ImageList_LoadImageW

user32

CharLowerA
WaitMessage
SetRect
SetClassLongA
GetDC
PeekMessageA
GetMenuStringA
EnumThreadWindows
CreateMenu

shell32

ExtractIconA
SHCreateDirectoryExA
SHFileOperationW
DragFinish
ExtractAssociatedIconW
DragAcceptFiles
SHGetSettings
ExtractIconExW

version

VerInstallFileW
VerQueryValueW
VerFindFileW
VerLanguageNameA
VerInstallFileA
GetFileVersionInfoSizeA

oleaut32

SafeArrayRedim
SafeArrayGetElement
SafeArrayPtrOfIndex
VariantCopyInd
GetActiveObject
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetUBound

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zfclmoj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bea960e14e4fdae697d5b1cc2b5074dd

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

ole32

advapi32

comctl32

user32

shell32

version

oleaut32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 99KB - Virtual size: 127KB

zfclmoj Size: - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 99KB - Virtual size: 127KB

zfclmoj
Size: - Virtual size: 4KB