45fcb32eb4bf0575677d2fec3dbf6c1c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

45fcb32eb4bf0575677d2fec3dbf6c1c_JaffaCakes118
Size

295KB
MD5

45fcb32eb4bf0575677d2fec3dbf6c1c
SHA1

1f5403753ce0229740d5b4a33d1c1f02fb9e435a
SHA256

c6804b829f71113d500699499cbd3f620012bc8847ad7a73d3681f22ae4d02f4
SHA512

bc897462ead02a84d24c9ea4492dddfacb74176572d6de779cf296343fe1c65df63bc669ea480510b9415fbc8283ea9a35b0aeb808d90e7178f8545fcf347240
SSDEEP

6144:JGOGOs1qfYJZxCORpU597hnnrTwS9EG+Wq2HHIybASyrufL:gOsZxLpUjVnfTq2HJZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45fcb32eb4bf0575677d2fec3dbf6c1c_JaffaCakes118

Files

45fcb32eb4bf0575677d2fec3dbf6c1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01c52d5528311feeb5cd357a7d2cc122

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\nrdybefqr.PDB

Imports

user32

SendIMEMessageExA
RegisterClassA
ShowWindow
RegisterClassExA
GetKeyboardType
GetNextDlgTabItem
EnableMenuItem
CreateWindowExA
MessageBoxA

gdi32

CreateScalableFontResourceA
GetGlyphOutlineA
SetPixel

comctl32

InitCommonControlsEx

kernel32

QueryPerformanceCounter
IsBadWritePtr
CompareStringW
GetModuleFileNameA
SetFilePointer
HeapDestroy
TlsAlloc
GetTimeZoneInformation
LCMapStringA
CreateMutexA
GetCurrentThreadId
GetStartupInfoA
FreeEnvironmentStringsW
GetSystemTime
SetStdHandle
RtlUnwind
GetModuleHandleA
VirtualFree
GetStringTypeW
GetModuleFileNameW
WriteFile
VirtualQuery
LeaveCriticalSection
GlobalUnfix
ReadFile
GetLastError
MultiByteToWideChar
DuplicateHandle
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetCPInfo
InterlockedExchange
GetPrivateProfileIntW
TlsGetValue
InterlockedIncrement
EnterCriticalSection
LoadLibraryA
GetProcAddress
GetStartupInfoW
GetThreadSelectorEntry
GetCommandLineW
GetTickCount
GetCurrentThread
OpenMutexA
GetCurrentProcess
HeapFree
HeapCreate
DeleteCriticalSection
ExitProcess
CloseHandle
GetEnvironmentStringsW
HeapReAlloc
GetCurrentProcessId
HeapAlloc
VirtualAlloc
GetStdHandle
InitializeCriticalSection
LCMapStringW
TlsSetValue
FreeEnvironmentStringsA
InterlockedCompareExchange
GetLocalTime
CompareStringA
UnhandledExceptionFilter
GlobalReAlloc
WideCharToMultiByte
GetStringTypeA
FlushFileBuffers
GetFileType
SetEnvironmentVariableA
TlsFree
TryEnterCriticalSection
InterlockedDecrement
GetCommandLineA
SetLastError
SetHandleCount
TerminateProcess
GetVersion

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01c52d5528311feeb5cd357a7d2cc122

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comctl32

kernel32

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 9KB - Virtual size: 29KB

.data Size: 87KB - Virtual size: 86KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 9KB - Virtual size: 29KB

.data
Size: 87KB - Virtual size: 86KB

.rsrc
Size: 20KB - Virtual size: 19KB