45bfcc4cefe188d2c4b10d6969eb6c99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45bfcc4cefe188d2c4b10d6969eb6c99_JaffaCakes118
Size

428KB
MD5

45bfcc4cefe188d2c4b10d6969eb6c99
SHA1

3887e264b1c7baff3bc48f4454aba214448bae21
SHA256

69a554d98b95d16da643bf2bcd939aae60188ccf91520b561323d405cff70fc5
SHA512

e08860139a05a51b7a4b01a05d93beeea7a28995c2e364e5825650eb04ef9e10793ccc980eb9e518e4c5215aa8a9b0bd8f49adb1583432be48410575cfea66cf
SSDEEP

6144:ZmMbA1hDVUvwfbKo6wDqGYO2caPmaO01wYApMz9f74ixOhPdDMHQuA9QNnn1gQMx:Zk19VcwfWfP/caP9Hcq7qoA+N1an

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45bfcc4cefe188d2c4b10d6969eb6c99_JaffaCakes118

Files

45bfcc4cefe188d2c4b10d6969eb6c99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f14e808e396ee76d337daaba3e6b473c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
InitializeCriticalSection
CompareStringW
EnterCriticalSection
GetTimeZoneInformation
GetACP
HeapAlloc
LoadLibraryA
WideCharToMultiByte
SetUnhandledExceptionFilter
EnumSystemLocalesA
GlobalFix
FreeLibrary
GetLastError
UnhandledExceptionFilter
VirtualFree
GetEnvironmentStringsW
HeapCreate
HeapDestroy
FreeEnvironmentStringsA
TlsGetValue
GetOEMCP
HeapSize
GetProcessHeap
CreatePipe
IsDebuggerPresent
GetStringTypeW
GetVersionExA
GetProcAddress
GetCommandLineA
GetUserDefaultLCID
HeapFree
DeleteCriticalSection
GetModuleFileNameW
VirtualProtectEx
IsValidCodePage
VirtualQuery
SetLastError
IsValidLocale
TlsAlloc
GetFileType
LCMapStringA
WriteFile
GetTimeFormatA
HeapReAlloc
SetHandleCount
ExitProcess
GetCPInfo
FreeEnvironmentStringsW
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
MultiByteToWideChar
GetModuleHandleA
GetStdHandle
LCMapStringW
LeaveCriticalSection
GetCurrentThreadId
TlsFree
InterlockedDecrement
GetLocaleInfoW
GetStringTypeA
GetCurrentProcessId
GetModuleFileNameA
SetConsoleCtrlHandler
GetLocaleInfoA
CompareStringA
GetTickCount
InterlockedIncrement
GetDateFormatA
GetStartupInfoW
TlsSetValue
Sleep
RtlUnwind
GetStartupInfoA
GetSystemTimeAsFileTime
InterlockedExchange
SetEnvironmentVariableA
GetCurrentThread
GetCommandLineW

advapi32

CryptGetDefaultProviderA
RegRestoreKeyA
LogonUserA
RegOpenKeyExW
GetUserNameW

shell32

RealShellExecuteW
SheGetDirA
SHGetPathFromIDList
CommandLineToArgvW
SHFileOperationW
DragQueryFileA
SheChangeDirExW
ExtractAssociatedIconExA
SHUpdateRecycleBinIcon
SHGetPathFromIDListW
SHGetSpecialFolderPathA
CheckEscapesW
SHGetSettings
SHGetNewLinkInfo
ExtractIconEx

comdlg32

ReplaceTextW

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f14e808e396ee76d337daaba3e6b473c

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

comdlg32

Sections

.text Size: 138KB - Virtual size: 138KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 138KB - Virtual size: 138KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 9KB - Virtual size: 9KB