Static task: static1
Behavioral task: behavioral1
  Sample: 4bdeba18cf916e7109d3b9224600060e_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 4bdeba18cf916e7109d3b9224600060e_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 4bdeba18cf916e7109d3b9224600060e_JaffaCakes118
Size: 248KB
MD5: 4bdeba18cf916e7109d3b9224600060e
SHA1: 710fcce90fc6c53e6585eec56a356aaf61b67e8a
SHA256: ec2329fcb6ab545fc30db382339b93d4603e1b8a23df5fc5a5db1b8be54027cf
SHA512: e814b8c4b0eaeb769aef68e7f040a9ffad22c9235eec6588d68d465b2a0fbf75ac6941228c1607391a0ae449b3b06218cb8a46ceb5c765cc238696cb1d88ae7e
SSDEEP: 6144:Mtf9iLxvn6r8Bl+Yyari0JK9GrktK4PgK6SLvs6cT9jY:MtVitP6YBlN4c4UaB0f9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4bdeba18cf916e7109d3b9224600060e_JaffaCakes118
Files
4bdeba18cf916e7109d3b9224600060e_JaffaCakes118.exe windows:4 windows x86 arch:x86
de7a40e9a3a0630b062897eefdc95025
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SwitchToFiber
GetFileAttributesA
ReleaseSemaphore
ReadConsoleA
IsProcessorFeaturePresent
SetThreadLocale
CancelIo
WritePrivateProfileStringA
SetEnvironmentVariableW
GetFullPathNameA
VirtualLock
ReadFileScatter
WritePrivateProfileStringW
_llseek
GetComputerNameW
ReleaseMutex
GetThreadContext
SuspendThread
SetCommTimeouts
WriteConsoleOutputW
GetShortPathNameW
IsDBCSLeadByteEx
SetProcessShutdownParameters
IsValidLocale
WritePrivateProfileStructA
_lclose
DeleteFiber
GetLongPathNameA
GetDriveTypeA
GetEnvironmentStringsW
ConnectNamedPipe
PurgeComm
CreateEventA
VirtualQueryEx
GetOverlappedResult
SetupComm
lstrcmpiA
VirtualAlloc
GetFileType
GetConsoleCursorInfo
FormatMessageW
MoveFileExA
Beep
SetLastError
GetDiskFreeSpaceExA
CompareStringW
CreateProcessA
GetPrivateProfileSectionW
UnmapViewOfFile
OpenFile
FillConsoleOutputCharacterA
GetShortPathNameA
IsBadReadPtr
GetSystemDirectoryW
EnumDateFormatsW
GlobalUnlock
GlobalFindAtomA
CreateWaitableTimerA
ReadDirectoryChangesW
SetConsoleCursorPosition
VirtualQuery
OpenMutexA
GetVersionExA
VirtualProtect
EnumResourceNamesA
lstrcmpiW
GetACP
EraseTape
FindFirstFileExW
EndUpdateResourceA
DeleteCriticalSection
GlobalFlags
GetCommState
GlobalFindAtomW
GetSystemTime
RaiseException
SetThreadPriorityBoost
DebugBreak
QueryDosDeviceW
InitializeCriticalSection
GenerateConsoleCtrlEvent
ReadFile
CreateFileW
WriteFile
GetCommandLineA
GetLocaleInfoW
ExitProcess
user32
InsertMenuItemW
SetActiveWindow
EnableScrollBar
IsWindowUnicode
CloseWindow
InternalGetWindowText
GetScrollBarInfo
DispatchMessageW
SetProcessWindowStation
CharUpperA
SetDlgItemTextA
GetClipboardFormatNameW
ValidateRect
GetSystemMetrics
CharLowerBuffW
IsCharAlphaA
ToUnicode
CopyImage
GetIconInfo
EndDialog
IsZoomed
RegisterClassW
OpenDesktopW
CharUpperW
DrawTextA
MapVirtualKeyA
GetMenuItemCount
GetMonitorInfoA
gdi32
GetPixel
CloseEnhMetaFile
ArcTo
CloseFigure
CreateEnhMetaFileA
CreateDIBPatternBrushPt
SelectObject
CreateEnhMetaFileW
MaskBlt
ExtTextOutW
StretchBlt
comdlg32
PageSetupDlgA
PageSetupDlgW
ChooseColorA
ReplaceTextW
advapi32
QueryServiceStatus
GetSecurityInfo
StartServiceA
IsTextUnicode
RegRestoreKeyW
RevertToSelf
LookupAccountNameW
shell32
SHFileOperationA
ole32
CoGetInterfaceAndReleaseStream
OleSetContainedObject
oleaut32
SysAllocStringLen
QueryPathOfRegTypeLi
SafeArrayGetElement
comctl32
ImageList_Remove
ImageList_SetDragCursorImage
shlwapi
SHSetValueA
PathQuoteSpacesW
PathIsDirectoryW
StrRChrA
StrCmpNW
PathCombineW
StrFormatByteSize64A
SHCopyKeyA
PathQuoteSpacesA
PathAddBackslashA
UrlGetPartW
PathStripToRootA
StrCatBuffA
SHCopyKeyW
SHQueryValueExW
PathIsDirectoryEmptyW
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 232KB - Virtual size: 229KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE