4bdcde8c97473d8744074c75127c30cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4bdcde8c97473d8744074c75127c30cf_JaffaCakes118
Size

141KB
MD5

4bdcde8c97473d8744074c75127c30cf
SHA1

cc37189ab88d9d6a0dfe46738b86c0b3854184b2
SHA256

1a5c97c8c3bf07e2fb34220fa9bc7e5bcaa3b5b90abca305d1e4e1dccca6c063
SHA512

b479279207cfbe9ef87233a920380bdd4c431e1099a537af17f66c05015fc4344d6f639d32eab24381220c14de1a2659c17bb4baecd134c9c5f6e98c70717c36
SSDEEP

3072:8VJghMywc8NI9gGgbilkTI4DVak38B7iwCSv1kApUNr:hhUcY++TI0aBNiXSNPUNr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bdcde8c97473d8744074c75127c30cf_JaffaCakes118

Files

4bdcde8c97473d8744074c75127c30cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b224fc124c744b3c828ff86f3f730c5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetLongPathNameW
lstrcpyW
SetStdHandle
GetCurrentDirectoryA
GetEnvironmentStringsW
CreateMutexW
GetUserDefaultLCID
GetDateFormatW
GetConsoleOutputCP
CreateFileW
FindResourceW
GetStdHandle
GetVersionExA
MultiByteToWideChar
GetModuleHandleA
HeapSize
GlobalFree
CreateFileA
SetCurrentDirectoryW
CompareStringW
IsValidLocale
GetConsoleMode
GetCurrentProcess
LoadLibraryA
HeapFree
GetTempPathW
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GlobalSize
GetProcessHeap
PeekNamedPipe
EnterCriticalSection
GetSystemTimeAsFileTime
GetLocalTime
GetTimeZoneInformation
GlobalAlloc
TlsGetValue
SetEvent
lstrcmpiW
CreateDirectoryW
lstrcatW
GetCurrentThreadId
TlsAlloc
lstrcpynW
VirtualAlloc
FreeLibrary
GetProcAddress
VirtualProtect
FlushFileBuffers
GetStringTypeW
LCMapStringW
LCMapStringA
SetFilePointer
ReadFile
SetEndOfFile
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualQuery
InterlockedExchange
RtlUnwind
IsBadWritePtr
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
CloseHandle
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetSystemInfo
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
WriteFile
TerminateProcess
ExitProcess
RaiseException
GetCommandLineA
GetStartupInfoA

user32

UnhookWindowsHookEx
GetWindowLongW
GetDlgCtrlID
CallWindowProcW
GetSysColor
DrawIcon
SetCursor
GetDC
OpenClipboard
GetClipboardData
CreateCaret
SetForegroundWindow
DrawTextExW
GetScrollRange
DeleteMenu
SetDlgItemInt
GetMenu
SetCaretPos
DefWindowProcW
DestroyWindow
CreateWindowExW
SetParent
CheckMenuRadioItem
DragDetect
RegisterClassW
PostMessageW
EndDeferWindowPos
ScrollWindow
GetCapture
TranslateAcceleratorW
SetWindowPos
InsertMenuW
SetScrollRange
MonitorFromWindow
IsClipboardFormatAvailable
TrackPopupMenu
PeekMessageW
GetMessageW
GetMonitorInfoW
DestroyIcon
SetMenuItemInfoW
GetWindowPlacement
GetActiveWindow
GetScrollPos
EndPaint
IsChild
SetClipboardData
CreateAcceleratorTableW
GetMenuStringW

comdlg32

GetSaveFileNameA
ChooseColorW
ChooseColorA
PrintDlgA
GetFileTitleA
PageSetupDlgA
GetSaveFileNameW
GetFileTitleW
GetOpenFileNameW
FindTextW
FindTextA
ChooseFontW
ReplaceTextW
PageSetupDlgW
ChooseFontA

oleaut32

VariantCopy

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b224fc124c744b3c828ff86f3f730c5a

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

oleaut32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 88KB - Virtual size: 132KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 88KB - Virtual size: 132KB

.rsrc
Size: 4KB - Virtual size: 4KB