46c9a89456038ddc605bbfcc8278f3f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46c9a89456038ddc605bbfcc8278f3f0_JaffaCakes118
Size

360KB
MD5

46c9a89456038ddc605bbfcc8278f3f0
SHA1

0b946bb66b6afb15c406ed6cb230a1fdcb2df368
SHA256

29c21b0092d818f55bfc3ea4fb06eea3b438f88664abb0ea248c98d1e07dbc89
SHA512

7c7fed8a011313bf48f7abded6d3331857d7f5cca4f615d93a30e41e9c6511e2aa3e69fe6d80ee4276b874f0f6ee2690592e8899d441779a6aee63239dcc6226
SSDEEP

6144:8Ngm7dA6MX9FU3sDHh56Q1NHeobWC1m5yMb1wMJPpviD6PVEhUN4O23Uj/ob5JnS:8ym7dAVX9uyHv6KNHeC15WwMVdHEON4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46c9a89456038ddc605bbfcc8278f3f0_JaffaCakes118

Files

46c9a89456038ddc605bbfcc8278f3f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d4083ee17beb5c135484e4a8fdcee53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExW

kernel32

CreatePipe
GetSystemTime
GetCurrentThread
HeapDestroy
SetEvent
WriteFile
WriteConsoleOutputCharacterA
GetModuleHandleA
GetCurrentThreadId
FreeEnvironmentStringsW
GetFileType
ReleaseMutex
CompareStringW
HeapSize
GetVersion
QueryPerformanceCounter
FlushFileBuffers
GetCommandLineA
TlsGetValue
GetShortPathNameW
LCMapStringW
RtlUnwind
InterlockedExchange
GetCurrentProcess
InitializeCriticalSection
lstrcatA
CreateMailslotA
GetStringTypeW
GetTimeZoneInformation
LoadLibraryA
SetFilePointer
GetSystemTimeAsFileTime
VirtualQuery
CloseHandle
GetProfileIntA
GetStartupInfoA
GetComputerNameW
TerminateProcess
GetEnvironmentStringsW
MapViewOfFile
GetConsoleCursorInfo
UnhandledExceptionFilter
GetProcAddress
OpenMutexA
ConvertDefaultLocale
TlsFree
SetStdHandle
EnterCriticalSection
SetLastError
HeapAlloc
ExitProcess
HeapCreate
MultiByteToWideChar
TransactNamedPipe
CompareStringA
GetPrivateProfileIntW
LCMapStringA
ReadFile
HeapReAlloc
CreateMutexA
GetDiskFreeSpaceExW
GetLocalTime
SetEnvironmentVariableA
GetStringTypeA
IsBadWritePtr
GetLastError
GetStdHandle
CreateProcessA
CreateProcessW
WideCharToMultiByte
InterlockedIncrement
DeleteCriticalSection
TlsAlloc
GetModuleFileNameA
GetLongPathNameA
VirtualAlloc
VirtualFree
IsDebuggerPresent
GetTickCount
lstrcpyn
FreeEnvironmentStringsA
GetMailslotInfo
LeaveCriticalSection
GetCPInfo
GetACP
TlsSetValue
UnlockFileEx
GetOEMCP
SetHandleCount
GetEnvironmentStrings
GetCurrentProcessId
HeapFree
OutputDebugStringW
InterlockedDecrement
FindResourceExA

advapi32

LookupSecurityDescriptorPartsW
CryptCreateHash
CryptGenRandom
CryptSetHashParam
CryptVerifySignatureA
RegDeleteKeyA
CryptSetProviderW
CryptEncrypt
LookupPrivilegeNameW
RegNotifyChangeKeyValue
RegLoadKeyW
CryptEnumProviderTypesA
LookupPrivilegeNameA
RegReplaceKeyW
ReportEventW
RegQueryValueA
RegLoadKeyA
CryptEnumProvidersA
CryptSetProviderExA
CryptDestroyHash
CryptGetHashParam
LookupSecurityDescriptorPartsA
CryptSignHashA

wininet

InternetAutodial
GopherGetLocatorTypeW
InternetConfirmZoneCrossingW
SetUrlCacheGroupAttributeA
DeleteIE3Cache

comctl32

ImageList_SetIconSize
ImageList_LoadImage
_TrackMouseEvent
ImageList_SetFilter
DrawStatusTextA
ImageList_EndDrag
DrawStatusTextW
ImageList_DrawIndirect
ImageList_Replace
CreatePropertySheetPageW
CreateUpDownControl
ImageList_Copy
CreateStatusWindow
CreatePropertySheetPage
ImageList_GetIcon
InitCommonControlsEx
ImageList_AddMasked
ImageList_Write
ImageList_LoadImageA
ImageList_Merge
CreateMappedBitmap
ImageList_SetFlags

user32

GetUserObjectSecurity
InvalidateRect
CreateWindowExA
DlgDirListW
DdeCreateStringHandleW
DefFrameProcW
RegisterClassExA
MapDialogRect
FillRect
MessageBoxW
GetMenu
IntersectRect
ShowWindow
AppendMenuA
FlashWindowEx
DragDetect
MapVirtualKeyW
CreateCaret
DestroyWindow
GetWindowTextW
DefWindowProcA
SetParent
SetForegroundWindow
RegisterClassA
InvalidateRgn

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d4083ee17beb5c135484e4a8fdcee53

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

wininet

comctl32

user32

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 92KB - Virtual size: 94KB

.rsrc Size: 72KB - Virtual size: 71KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 92KB - Virtual size: 94KB

.rsrc
Size: 72KB - Virtual size: 71KB