47796f134e6cf86220e28e336a464b08_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47796f134e6cf86220e28e336a464b08_JaffaCakes118
Size

332KB
MD5

47796f134e6cf86220e28e336a464b08
SHA1

0ad5dcb463e91786a0861d80eaa5fc9b33629987
SHA256

501263eff9898ff746b4a8f16a8e0c175bc64565c447448139285918d91b849d
SHA512

b428cc02f1c0baacc40e31530aeaccc9334d19121f1b6b1a599e1980d6b80c68bfb7788e1d8550a8e7b44dd384cf89962195a73f252eaf027134270555165c6e
SSDEEP

6144:1ezZUPwRvxZMnU/Y/bNhJxAyT0SALBow1y0LBSX+93H3Zwwko7lP:s18In/Y/fJxlgS26w1y0LB8w3XZww1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47796f134e6cf86220e28e336a464b08_JaffaCakes118

Files

47796f134e6cf86220e28e336a464b08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6898efcfcb2985b8d9c1bb383ca0d1ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\sak\xuu\oeaeo

Imports

kernel32

WaitForSingleObject
GetSystemInfo
LoadLibraryA
HeapReAlloc
GetSystemTimeAsFileTime
SetFilePointer
SetComputerNameA
GetEnvironmentStrings
HeapCreate
GetProcessHeap
GetModuleFileNameA
ExitProcess
TlsGetValue
lstrcpyn
IsValidCodePage
InitializeCriticalSection
GetLastError
GetModuleHandleA
ReadFileEx
VirtualQuery
GetLocaleInfoA
GetVersion
TerminateProcess
GetTimeFormatA
GetOEMCP
ReadConsoleInputW
DeleteFileW
GetUserDefaultLCID
lstrcmpi
GetStdHandle
MultiByteToWideChar
SetLastError
TlsSetValue
QueryPerformanceCounter
GetFileType
VirtualFreeEx
WideCharToMultiByte
GetStringTypeW
GetModuleFileNameW
HeapFree
GetCurrentProcessId
VirtualAlloc
VirtualFree
HeapAlloc
GetVersionExA
GetCommandLineW
GetCPInfo
WriteFile
FreeEnvironmentStringsW
GetNamedPipeInfo
LocalLock
GetACP
GetCommandLineA
FreeEnvironmentStringsA
UnhandledExceptionFilter
LeaveCriticalSection
TlsFree
VirtualQueryEx
CompareStringA
GetStartupInfoA
GetCurrentThreadId
CompareStringW
GetCurrentThread
GetStringTypeA
ReadFile
CreateEventA
CreateMutexA
EnterCriticalSection
RtlUnwind
SetFileAttributesW
GetTimeZoneInformation
GetProcAddress
IsBadWritePtr
HeapSize
GetDateFormatA
FlushFileBuffers
DeleteCriticalSection
EnumSystemLocalesA
TlsAlloc
VirtualAllocEx
CreateSemaphoreA
CloseHandle
GetEnvironmentStringsW
GetStartupInfoW
CreateFileW
SetHandleCount
SetStdHandle
LCMapStringA
OpenMutexA
SetEvent
GetTickCount
GetCurrentProcess
InterlockedExchange
lstrcmpW
VirtualProtect
IsValidLocale
SetEnvironmentVariableA
LCMapStringW
HeapDestroy
CommConfigDialogA
GetLocaleInfoW

user32

MonitorFromWindow
RegisterClassA
GetDCEx
wvsprintfW
ArrangeIconicWindows
GetKeyboardState
SetMessageQueue
CheckRadioButton
RegisterClassExA
SendNotifyMessageW
DdeQueryStringW
LoadStringA
DrawStateW
DefDlgProcA
EnumDesktopsW
ScrollWindow
SetThreadDesktop
TileChildWindows
SetWindowsHookW
SetWindowsHookExW
DdeClientTransaction
ShowWindow
TranslateMDISysAccel

comctl32

ImageList_LoadImage
InitCommonControlsEx
ImageList_BeginDrag
_TrackMouseEvent
ImageList_AddIcon

advapi32

LookupAccountSidA
LogonUserA
RegQueryMultipleValuesW
RegRestoreKeyW
InitializeSecurityDescriptor
LookupPrivilegeDisplayNameW
RegSaveKeyA
CryptEncrypt
RegQueryValueW
CryptGetUserKey

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6898efcfcb2985b8d9c1bb383ca0d1ea

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 132KB - Virtual size: 132KB

.rdata Size: 81KB - Virtual size: 96KB

.data Size: 94KB - Virtual size: 94KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 81KB - Virtual size: 96KB

.data
Size: 94KB - Virtual size: 94KB

.rsrc
Size: 23KB - Virtual size: 22KB