4535e5ebfbe38a163b00bbbaaf70dee0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4535e5ebfbe38a163b00bbbaaf70dee0_JaffaCakes118
Size

4.0MB
MD5

4535e5ebfbe38a163b00bbbaaf70dee0
SHA1

58ac819df9ac9c415dea5883529ccf66e2936df6
SHA256

dcbb5ae0b4e3abaef867e73a7b4ed858091f2002ff49b1af9e9305dd425c53cb
SHA512

a40d871f6450758ab3f0776ff17ec0fa6a73ca45daf37c40475e482ff2674eba062af60eda85efbde372384acd52db834cdff7f3150671fe9bca75ecbc44d84f
SSDEEP

98304:7VrC7Js0rgfS+aybzoDLUG2jCU6etuebCv4mcs1ixOHhga/G:AvYYJDLUGLU6cs8OHhHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4535e5ebfbe38a163b00bbbaaf70dee0_JaffaCakes118

Files

4535e5ebfbe38a163b00bbbaaf70dee0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f450f41d4113c41c90c7a228ca9e57a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
SetSecurityDescriptorDacl
LookupPrivilegeDisplayNameA
AllocateAndInitializeSid
CryptSignHashW
SetEntriesInAclW

kernel32

ExitProcess
VirtualFree
GetShortPathNameA
LocalReAlloc
DuplicateHandle
GetLongPathNameA
CreateFileW
VirtualQueryEx
IsBadWritePtr
SetThreadLocale
FindNextChangeNotification
GetModuleHandleA
FindFirstFileA
SuspendThread
GlobalAddAtomW
ReadFileScatter
LocalFileTimeToFileTime
ConnectNamedPipe
LoadLibraryExA
ReadFile
WriteProcessMemory
lstrcmpA
PrepareTape
Beep
GetCPInfo
WriteConsoleOutputW
EnumTimeFormatsW
GetLogicalDriveStringsA
ScrollConsoleScreenBufferA
GetLocaleInfoW
GetUserDefaultLangID
QueryDosDeviceA
AreFileApisANSI
FreeLibraryAndExitThread
GetTempFileNameA
GetDriveTypeA
PeekConsoleInputW
EnumDateFormatsW
GetSystemDefaultLangID
ReadDirectoryChangesW
SetTimeZoneInformation
GetTimeZoneInformation
GetTapeStatus
OpenSemaphoreW
EnumCalendarInfoA
GetBinaryTypeW
ReadConsoleInputW
SetEnvironmentVariableW

user32

GetWindowTextA
WinHelpA
LoadKeyboardLayoutA
CharLowerA
GetKeyboardLayoutNameA
EnableWindow
IsIconic
SetFocus
OpenWindowStationW
GetMenuItemRect
RegisterClassA
DefMDIChildProcA
EnumWindowStationsA
EnumClipboardFormats
ReleaseDC
GetMenuInfo
GetWindowLongA
CallNextHookEx
CreateMDIWindowW
SendMessageW
DestroyWindow
SetWindowContextHelpId
PostThreadMessageA
CopyIcon
TrackPopupMenuEx
SetWindowTextA
OemToCharBuffW

msvcrt

vfwprintf
vsprintf
_mbsnicmp
_fsopen
_snwprintf
_beginthread
iswcntrl
_wctime
_wtoi

Sections

.text
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f450f41d4113c41c90c7a228ca9e57a0

Headers

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

Sections

.text Size: 254KB - Virtual size: 253KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 254KB - Virtual size: 253KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 18KB - Virtual size: 18KB