4b89754a67d55694331f42347e4867e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b89754a67d55694331f42347e4867e0_JaffaCakes118
Size

267KB
MD5

4b89754a67d55694331f42347e4867e0
SHA1

9678422102484ae53c57a5e1357f023498bfbe58
SHA256

256c6ba9e3114039d02c72b6768b8c46e4049cef58d010c09dcd13b602b1fb52
SHA512

ab2b44b54391422978ef9e275d6c847eef81c723851aac8e01b943b9d1e55d11235da2ad44c0b168ac929e86f5badb263cc0e09142be710f423fc398d2fbc276
SSDEEP

6144:TRU6lcVPxo+C5zlxW4e0vpmlbVmioE7uMsr:q0cVpo+Ezi4e0xGMHECM+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b89754a67d55694331f42347e4867e0_JaffaCakes118

Files

4b89754a67d55694331f42347e4867e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f888960ca168ea8ecc42c57fd45d339f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCursor
LoadBitmapW
DispatchMessageW
wsprintfW
GetMessageW
LoadStringW
SetTimer
BeginPaint
SendMessageW
DialogBoxParamW
PostMessageW
FlashWindow
GetDlgItem
GetSystemMetrics
GetDC
LoadCursorW
GetSysColor
GetDlgItemInt
DrawMenuBar

advapi32

RegSetValueExW
RegCloseKey
RegQueryValueExW

gdi32

DeleteDC
CreateICW
CreateCompatibleDC
CombineRgn
SetRectRgn
GetStockObject
GetTextExtentPoint32W
StretchBlt

kernel32

PeekNamedPipe
InterlockedFlushSList
CreateThread
GetTickCount
DosDateTimeToFileTime
SetThreadExecutionState
CreateNamedPipeA
GetCurrentProcessId
TransactNamedPipe
SetLocaleInfoA
GetEnvironmentStringsA
HeapDestroy
TryEnterCriticalSection
GetSystemTimeAsFileTime
MapViewOfFile
FileTimeToLocalFileTime
HeapAlloc
SetFilePointer
HeapValidate
EnumSystemLocalesA
CreateFileA
GetUserDefaultLangID
EnumLanguageGroupLocalesA
SetThreadUILanguage
InterlockedExchangeAdd
LeaveCriticalSection
lstrcpyA
ExitThread
OpenThread
CreateFileMappingA
InterlockedDecrement
ReadFile
RegisterWaitForSingleObjectEx
GetFileTime
GetUserDefaultLCID
GetNamedPipeHandleStateA
ConnectNamedPipe
PostQueuedCompletionStatus
lstrcmpiA
EncodePointer
DeleteCriticalSection
WaitForSingleObject
EnumSystemLanguageGroupsA
UnmapViewOfFile
DecodePointer
GetStringTypeA
CallNamedPipeA
FileTimeToSystemTime
SleepEx
GetThreadContext
GetSystemDefaultLangID
ResumeThread
SetFilePointerEx
GetSystemDefaultLCID
AssignProcessToJobObject
GetUserDefaultUILanguage
GetThreadSelectorEntry
EnterCriticalSection
InitializeCriticalSection
GetFirmwareEnvironmentVariableA
SetThreadPriority
DeleteFileA
FreeEnvironmentStringsA
FlushViewOfFile
GetQueuedCompletionStatus
GetThreadPriority
HeapCompact
lstrcatA
lstrcmpA
SetPriorityClass
HeapCreate
WriteFileEx
VirtualAllocEx
WaitForMultipleObjects
CloseHandle
WriteFile
ExpandEnvironmentStringsA
WaitNamedPipeA
RtlMoveMemory
IsValidLocale
CopyFileExA
CreateIoCompletionPort
WriteFileGather
SetFirmwareEnvironmentVariableA
GetSystemDefaultUILanguage
HeapSetInformation
ConvertDefaultLocale
GetFileAttributesExA
InterlockedCompareExchange
InterlockedIncrement
FileTimeToDosDateTime
OpenFileMappingA
HeapFree

msvcrt

rand
_except_handler3
__p__commode
_initterm
exit
_cexit
__setusermatherr
__getmainargs

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f888960ca168ea8ecc42c57fd45d339f

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

msvcrt

Sections

.text Size: 175KB - Virtual size: 175KB

.data Size: 73KB - Virtual size: 73KB

.rsrc Size: 17KB - Virtual size: 560KB

.text
Size: 175KB - Virtual size: 175KB

.data
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 17KB - Virtual size: 560KB