44ec63050610e1b17c6e4b9298b9c5cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44ec63050610e1b17c6e4b9298b9c5cb_JaffaCakes118
Size

2.3MB
MD5

44ec63050610e1b17c6e4b9298b9c5cb
SHA1

fcd48977f0eb9070aea6b1514996db6a84159835
SHA256

225f32dd8c8e83b87504386d9e94b5975a8b62916ba2e82eb84b4c1b99ef0ebb
SHA512

5e7c0f372f306fa4c933755256d9489e7475bad5156006ee7ba44e63f4fc8d0ef02ea50cca04ec8478e68f3dd8bf68aee1016f150a6bd909768011524c9a2a72
SSDEEP

49152:MIoUsPf7ee9er9kPAlFZ9EOsk0qyH4T+N0hz37sGdZHymvrAqeJ:G/f9eaA59mtYT+gz3gGdZXTqJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44ec63050610e1b17c6e4b9298b9c5cb_JaffaCakes118

Files

44ec63050610e1b17c6e4b9298b9c5cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a33928a58564df1ece1063ef6edfb101

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryExA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

RedrawWindow

advapi32

LookupPrivilegeValueA

oleaut32

GetActiveObject

mpr

WNetGetConnectionA

version

GetFileVersionInfoA

gdi32

CreateCompatibleDC

ole32

ProgIDFromCLSID

comctl32

ImageList_Read

wininet

InternetSetOptionA

shell32

SHGetPathFromIDListA

comdlg32

GetOpenFileNameA

wsock32

select

Sections

"Ejt])RA
Size: - Virtual size: 931KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

oNkHd_Hj
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

='pC?1H:
Size: - Virtual size: 71KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Jnq:D0o
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vaB%,*V8
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

[nNj6X;_
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WeOvJk_[
Size: - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Zw!yfI`4
Size: 7KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

8,^@1^hD
Size: - Virtual size: 653KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

g`rDssEA
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=0p"b;wD
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a33928a58564df1ece1063ef6edfb101

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

mpr

version

gdi32

ole32

comctl32

wininet

shell32

comdlg32

wsock32

Sections

"Ejt])RA Size: - Virtual size: 931KB

oNkHd_Hj Size: - Virtual size: 38KB

='pC?1H: Size: - Virtual size: 71KB

Jnq:D0o Size: - Virtual size: 11KB

vaB%,*V8 Size: - Virtual size: 16B

[nNj6X;_ Size: - Virtual size: 24B

WeOvJk_[ Size: - Virtual size: 59KB

Zw!yfI`4 Size: 7KB - Virtual size: 1.5MB

8,^@1^hD Size: - Virtual size: 653KB

g`rDssEA Size: 2.1MB - Virtual size: 2.1MB

=0p"b;wD Size: 512B - Virtual size: 284B

"Ejt])RA
Size: - Virtual size: 931KB

oNkHd_Hj
Size: - Virtual size: 38KB

='pC?1H:
Size: - Virtual size: 71KB

Jnq:D0o
Size: - Virtual size: 11KB

vaB%,*V8
Size: - Virtual size: 16B

[nNj6X;_
Size: - Virtual size: 24B

WeOvJk_[
Size: - Virtual size: 59KB

Zw!yfI`4
Size: 7KB - Virtual size: 1.5MB

8,^@1^hD
Size: - Virtual size: 653KB

g`rDssEA
Size: 2.1MB - Virtual size: 2.1MB

=0p"b;wD
Size: 512B - Virtual size: 284B