47dbf8f97ea056e638fae2c0447fdab6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47dbf8f97ea056e638fae2c0447fdab6_JaffaCakes118
Size

320KB
MD5

47dbf8f97ea056e638fae2c0447fdab6
SHA1

68bc9c24d6bc6f06558eb8d5140e322b38073ee8
SHA256

772e007d0d9f0ffe53fc48875d8c7ca7d5a8750b02e33245719098ca87f3c106
SHA512

124b8fb4648d72206449cc04279181326b19f98a19e8d205eb009709f7eec0097f917b1b43064909678435d63ad6601ce7e610a86af3282af5b8248d67dfbb05
SSDEEP

6144:mcLKm3HSjjR39qqhxGgDLf+RfxEKdLKI+/EJieHPwJR9:mgSj9tZxGgX2R5LmjEJtoR9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47dbf8f97ea056e638fae2c0447fdab6_JaffaCakes118

Files

47dbf8f97ea056e638fae2c0447fdab6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

576e916a50a5677ea5bdc6ef507520bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\

Imports

gdi32

ModifyWorldTransform
GetDeviceCaps
EnumMetaFile
EqualRgn
CreateBitmap
GetRandomRgn
AbortPath
DeleteDC
CreateDCA
GetCharWidth32W
GetSystemPaletteEntries
GetAspectRatioFilterEx
GetOutlineTextMetricsW

user32

RegisterClassExA
EnumDisplaySettingsExW
UnhookWindowsHookEx
LookupIconIdFromDirectory
EnumDesktopWindows
DestroyCaret
RegisterClassA
GetCursor
GetClassLongW
GetWindowRgn
DdeAbandonTransaction
EnumWindowStationsW
InSendMessage

comdlg32

GetOpenFileNameW

shell32

RealShellExecuteW

advapi32

CryptDestroyKey
RegEnumKeyExA
LookupSecurityDescriptorPartsA
RegFlushKey
RegDeleteKeyA
AbortSystemShutdownW
LookupAccountSidW
RegCreateKeyExA
RegEnumValueA
CryptAcquireContextA
RegQueryMultipleValuesA
RegQueryMultipleValuesW
RegDeleteValueA

comctl32

InitCommonControlsEx

kernel32

GetModuleFileNameA
GetCurrentProcessId
FreeEnvironmentStringsW
EnumDateFormatsW
TlsGetValue
GetVersion
GlobalFree
SetComputerNameW
GetTickCount
IsBadWritePtr
OpenFileMappingW
EnterCriticalSection
SetLastError
OutputDebugStringA
LCMapStringA
CompareStringA
GetOEMCP
GetFileType
VirtualAlloc
CreateDirectoryA
SetStdHandle
PulseEvent
HeapAlloc
IsBadReadPtr
GetACP
GetSystemTime
TerminateProcess
GetStdHandle
HeapFree
CompareStringW
HeapCreate
WriteProfileSectionA
GetModuleHandleA
SetHandleCount
TlsAlloc
GetLastError
LeaveCriticalSection
CloseHandle
GetSystemDirectoryA
OpenMutexA
GetCurrentThread
ReadFile
GetStartupInfoA
EnumTimeFormatsW
RtlUnwind
DeleteCriticalSection
WriteFile
FreeEnvironmentStringsA
VirtualQuery
HeapReAlloc
DebugBreak
GetProcAddress
GetTimeZoneInformation
WideCharToMultiByte
ExitProcess
HeapDestroy
GetCommandLineA
SetConsoleCtrlHandler
HeapValidate
GetLocalTime
InitializeCriticalSection
QueryPerformanceCounter
UnhandledExceptionFilter
TlsSetValue
MultiByteToWideChar
GetEnvironmentStrings
TlsFree
GetEnvironmentStringsW
CommConfigDialogA
GetSystemTimeAsFileTime
GetPrivateProfileStringW
GetCurrentProcess
InterlockedExchange
GetCPInfo
lstrcpynW
GetStringTypeA
DeleteFileW
InterlockedIncrement
CreateMutexA
VirtualFree
SetEnvironmentVariableA
SetFilePointer
GetStringTypeW
InterlockedDecrement
LoadLibraryA
DeleteFiber
FlushFileBuffers
GetCurrentThreadId
LCMapStringW

Sections

.text
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

576e916a50a5677ea5bdc6ef507520bc

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comdlg32

shell32

advapi32

comctl32

kernel32

Sections

.text Size: 206KB - Virtual size: 205KB

.rdata Size: 10KB - Virtual size: 34KB

.data Size: 87KB - Virtual size: 86KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 206KB - Virtual size: 205KB

.rdata
Size: 10KB - Virtual size: 34KB

.data
Size: 87KB - Virtual size: 86KB

.rsrc
Size: 16KB - Virtual size: 16KB