46801a482c7ad061606fe3764a2ac57a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46801a482c7ad061606fe3764a2ac57a_JaffaCakes118
Size

252KB
MD5

46801a482c7ad061606fe3764a2ac57a
SHA1

d8e98d578f8e89262348c0e17884bd653e7e8bf5
SHA256

c3a1804302793e03db9949b0ce4feed8c46acd28bae539061d5416ddceebadd2
SHA512

4b510891f087109d34d4e9204798cfb6bc4e818df3e25b6ff207fcc2bb2205db51e9c5832144f2fb7790b565ee7f36a12fc68e90416316e706d32177de809422
SSDEEP

6144:PtpHRYLIQ6550vW4DOv8nbyjB9WJv4tFKNqIha:PtlqQ0lDO79WN4rG1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46801a482c7ad061606fe3764a2ac57a_JaffaCakes118

Files

46801a482c7ad061606fe3764a2ac57a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe3615568cf0d2fc665eb1c034162a60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\ltqo.pdb

Imports

user32

IsCharAlphaNumericW
InSendMessage
IntersectRect
SendNotifyMessageA
CreateDialogIndirectParamA
GetDlgItemTextA
SetWindowsHookExA
LoadStringA
GetClipboardSequenceNumber
CreatePopupMenu
IsIconic
SendDlgItemMessageA
RegisterClassA
IsWindow
CreateIconFromResourceEx
SetWindowTextW
GetCursor
PostThreadMessageA
RegisterClassExA

comctl32

ImageList_EndDrag
DrawInsert
InitCommonControlsEx
DrawStatusTextW
CreateStatusWindowA
CreateToolbarEx
ImageList_LoadImageA
_TrackMouseEvent
ImageList_Remove
CreateToolbar
ImageList_SetDragCursorImage
DrawStatusText
ImageList_SetImageCount
ImageList_DrawEx
ImageList_GetFlags
ImageList_ReplaceIcon
ImageList_Replace
ImageList_SetFilter
ImageList_LoadImageW
DestroyPropertySheetPage
ImageList_DragLeave

shell32

ShellExecuteA
CheckEscapesW
SHGetSpecialFolderLocation

kernel32

SetConsoleCursorInfo
GetEnvironmentStringsW
LoadLibraryA
OpenMutexA
GetSystemTime
MultiByteToWideChar
TlsFree
LeaveCriticalSection
TlsGetValue
InterlockedDecrement
HeapReAlloc
VirtualFree
GetCurrentThread
VirtualAlloc
CreateMutexA
HeapCreate
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
GetModuleHandleA
GetEnvironmentVariableA
WriteFile
ExitProcess
CompareStringA
LCMapStringA
CompareStringW
GetStringTypeW
GetLocalTime
GetLastError
GetProfileIntA
InitializeCriticalSection
HeapFree
RtlUnwind
FreeEnvironmentStringsA
IsBadWritePtr
SetStdHandle
GetEnvironmentStrings
GetFileType
VirtualQuery
LCMapStringW
DeleteCriticalSection
GetProcAddress
HeapDestroy
GetStringTypeA
TlsAlloc
QueryPerformanceCounter
FlushFileBuffers
GetStartupInfoA
InterlockedExchange
TlsSetValue
GetTimeZoneInformation
GetCPInfo
GetStdHandle
EnterCriticalSection
GetSystemTimeAsFileTime
SetHandleCount
GetCurrentProcessId
SetFilePointer
GetTickCount
UnhandledExceptionFilter
RemoveDirectoryW
GetStartupInfoW
FreeEnvironmentStringsW
GetCurrentThreadId
ReadFile
GetCurrentProcess
GetModuleFileNameW
DeleteFileA
CreateProcessA
SetEnvironmentVariableA
HeapAlloc
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
SetLastError
CloseHandle
GetVersion
WriteConsoleInputW

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe3615568cf0d2fc665eb1c034162a60

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

shell32

kernel32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 88KB - Virtual size: 111KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 88KB - Virtual size: 111KB

.rsrc
Size: 20KB - Virtual size: 17KB