44ee8e4b82a81dec1f7032aabe1abc18_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44ee8e4b82a81dec1f7032aabe1abc18_JaffaCakes118
Size

520KB
MD5

44ee8e4b82a81dec1f7032aabe1abc18
SHA1

1a292ac7f2acf1c9e0f84da40f3bc777d4bb739f
SHA256

ef8c8e0da8addc72bedb1c4d6ed6fa9f199feede9af167f1603764ca4bba630f
SHA512

8f347fbb7b4ea024f0d442750826ce6ee81b090b4c604ed8715b7b9f2dca6ebf90bfefb4b599c4299822d1a00895047268a2fa465adbc4fcff7535cd00ed07f1
SSDEEP

12288:yhAuO8SIkY6s5P2ZVSG09Kh8i2ZgQfIm8rvwU74:yVOfIkGAZg93VZgQfJ8su

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44ee8e4b82a81dec1f7032aabe1abc18_JaffaCakes118

Files

44ee8e4b82a81dec1f7032aabe1abc18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5152e3da4eca0b2236afc2adcb32cfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
GetNumberFormatW
WideCharToMultiByte
GetProcessAffinityMask
WriteConsoleOutputAttribute
WaitCommEvent
UnhandledExceptionFilter
GetTimeFormatA
GetCompressedFileSizeA
GetCurrentThread
CreateFileA
GetTickCount
WriteFile
SetUnhandledExceptionFilter
GetConsoleScreenBufferInfo
GetModuleFileNameW
WriteConsoleA
GetEnvironmentStrings
InterlockedIncrement
GetStartupInfoA
LoadModule
FormatMessageA
GetFileType
VirtualFree
CompareStringW
lstrcpyW
lstrcpynA
WriteConsoleOutputA
SetStdHandle
CreateDirectoryExW
TerminateProcess
GetConsoleMode
InterlockedDecrement
TlsGetValue
InterlockedExchange
EnumSystemLocalesA
MultiByteToWideChar
GetSystemTimeAsFileTime
GlobalAlloc
OpenMutexW
CreateMutexA
FindClose
HeapReAlloc
SetLastError
SetHandleCount
EnumDateFormatsW
CompareStringA
GetStdHandle
VirtualAlloc
ReadFile
TlsFree
DeleteCriticalSection
LoadLibraryA
GetConsoleOutputCP
TransmitCommChar
GetPrivateProfileIntW
FindNextFileW
GetEnvironmentStringsW
IsValidCodePage
GetFileAttributesExA
EnumCalendarInfoExA
HeapCreate
FreeEnvironmentStringsA
EnterCriticalSection
FreeEnvironmentStringsW
TryEnterCriticalSection
CreateFileMappingA
FreeResource
GetConsoleCP
LCMapStringA
CommConfigDialogW
SetEnvironmentVariableA
LoadLibraryExA
GetCurrentThreadId
GetModuleHandleA
GetStringTypeExW
TlsAlloc
Sleep
InitializeCriticalSection
IsValidLocale
GetCalendarInfoW
lstrcmpiW
GetCurrentProcess
SetFilePointer
SetConsoleCtrlHandler
IsDebuggerPresent
VirtualQuery
GetLastError
DosDateTimeToFileTime
CloseHandle
RtlUnwind
GetCPInfo
LeaveCriticalSection
GetOEMCP
GetACP
GetModuleFileNameA
ExitProcess
TlsSetValue
GetProcessHeap
GetDateFormatA
GetStringTypeA
GetProcAddress
GetUserDefaultLCID
HeapAlloc
GetLocaleInfoW
GetCommandLineA
CreateProcessW
FreeLibrary
GetCurrentProcessId
OpenMutexA
HeapSize
GetCommandLineW
FlushFileBuffers
HeapFree
GetConsoleTitleW
GetLocaleInfoA
LCMapStringW
GetVersionExA
QueryPerformanceCounter
WriteConsoleW
GetTimeZoneInformation
SetSystemTime
HeapDestroy
GetStartupInfoW
EnumSystemCodePagesA
GetStringTypeW

user32

ReplyMessage
RegisterClassA
EndTask
CreateWindowExA
IsDialogMessageW
DlgDirListW
DdeReconnect
wsprintfW
wsprintfA
RegisterClassExA
EndDialog
GetKBCodePage
GetProcessDefaultLayout
GetClipboardOwner
CreateAcceleratorTableW
EndMenu
RemovePropW
InSendMessage

comctl32

InitCommonControlsEx
DrawInsert
ImageList_DragEnter
ImageList_SetOverlayImage
CreateUpDownControl
ImageList_SetFlags
ImageList_SetBkColor
CreatePropertySheetPageA
ImageList_EndDrag
InitMUILanguage
CreateToolbar
ImageList_Add
ImageList_Copy
CreateStatusWindowW
MakeDragList
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Duplicate
ImageList_Read
DestroyPropertySheetPage
ImageList_DragMove

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5152e3da4eca0b2236afc2adcb32cfb

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 108KB - Virtual size: 121KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 108KB - Virtual size: 121KB

.rsrc
Size: 56KB - Virtual size: 52KB