4b83641c04b71eba03f27e54721c51a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b83641c04b71eba03f27e54721c51a6_JaffaCakes118
Size

438KB
MD5

4b83641c04b71eba03f27e54721c51a6
SHA1

9839d2fb99c71283496fc0e31cee7ce9daff9568
SHA256

756d900f1096d801ac5e60941c3fb701ef84bdb310709854576d644ce076fd09
SHA512

e03079def1b3ae3cee245900ca6302e3996264ace03ec98020d0f264898c76cd6039eacb255c59d2deafae10f5e62fab34f90ff9cdcf3c1ec32975618942edf5
SSDEEP

12288:mVRoEp4+RoBXAw0313sbmupwBPi5BD7S8NfpVtM9:mTCUV4XpwBPszft

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b83641c04b71eba03f27e54721c51a6_JaffaCakes118

Files

4b83641c04b71eba03f27e54721c51a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da5a03de4e37efa36f5e12cedcc5aab1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RemoveMenu
DdeAccessData
IsMenu
OpenIcon
FlashWindow
IsWindow
MenuItemFromPoint
GetClipboardData
SetMenuContextHelpId
CreateDesktopA
SetScrollPos
GetListBoxInfo
IsChild
PostMessageA
GetMenuStringW
SetSysColorsTemp
SetCaretPos

gdi32

GetPixel
GetROP2
SetLayout
CancelDC
SetROP2
GdiGetBatchLimit
CreatePalette
SetRectRgn
DPtoLP
GetCharWidthFloatW
ExtSelectClipRgn
SetROP2

msvcrt

strstr
_ismbbkana
__threadid
iswprint
ctime
_mbsnbcat
_adj_fprem
_ismbbkpunct
strncmp
fclose
_getdrive
iswgraph
gmtime

ole32

HPALETTE_UserUnmarshal
GetRunningObjectTable
WriteOleStg
StringFromIID
WriteClassStm
StgIsStorageFile
CoCreateFreeThreadedMarshaler
OleSetMenuDescriptor
OleLoad
StgGetIFillLockBytesOnILockBytes

advapi32

GetFileSecurityA
GetLengthSid
GetAce
EqualSid
CreateProcessAsUserA
InitializeSid

kernel32

GetFileSize
Sleep
ExitProcess
CreateFileMappingA
TransactNamedPipe
VirtualFree
SetLastError
GetStartupInfoW
GetVersion
GetCurrentProcess
GetLastError
GetModuleHandleW
GetCurrentProcessId
OpenFile
GetCommProperties
FreeLibrary
SetErrorMode
GetCommandLineW
LocalShrink
Process32First
SetHandleInformation
VirtualAlloc
GlobalAlloc

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 96KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da5a03de4e37efa36f5e12cedcc5aab1

Headers

File Characteristics

Imports

user32

gdi32

msvcrt

ole32

advapi32

kernel32

Sections

.text Size: 7KB - Virtual size: 8KB

.data Size: 25KB - Virtual size: 27KB

.idata Size: 96KB - Virtual size: 102KB

.bss Size: 305KB - Virtual size: 1.2MB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 8KB

.data
Size: 25KB - Virtual size: 27KB

.idata
Size: 96KB - Virtual size: 102KB

.bss
Size: 305KB - Virtual size: 1.2MB

.rsrc
Size: 4KB - Virtual size: 4KB