47bba6f8ab90694cc0172e0af6bb2a4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47bba6f8ab90694cc0172e0af6bb2a4e_JaffaCakes118
Size

2.7MB
MD5

47bba6f8ab90694cc0172e0af6bb2a4e
SHA1

306dd41f851389eaba2cb90333e21981674b9cab
SHA256

1f3faae6cab0e7359899eede79291c63fdffb44a9d0a7a8d56ad11e251989be4
SHA512

34c4fc686b2eb158a5de9d62a824b65ab933a1745dcefb62995447f54403b3d4e2de56ea9a516894ded1dea82ebc30958bf26ca097f12927cf7c912cb3fc9c1e
SSDEEP

49152:atIZ7cnbluTAYpOZQPsIegHmKPz17lLCpGorj:V7cnbkTAYpfsIvJzRlLTor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47bba6f8ab90694cc0172e0af6bb2a4e_JaffaCakes118

Files

47bba6f8ab90694cc0172e0af6bb2a4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81cdf8fd4d52c89e65ad698c45fb3fcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
WaitForSingleObject
CreateProcessA
WritePrivateProfileStringA
GetShortPathNameA
CloseHandle
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
DeleteFileA
GetModuleFileNameA
LoadLibraryA
GetLastError
lstrcatA
CreateDirectoryA
GetWindowsDirectoryA
HeapSize
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
InterlockedExchange
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
SetFilePointer
SetStdHandle
GetSystemTimeAsFileTime
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCurrentProcess
TerminateProcess
ExitProcess
RemoveDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
GetProcAddress

user32

CallWindowProcA
BeginPaint
FillRect
DefWindowProcA
CreateWindowExA
DialogBoxParamA
LoadCursorA
SetCursor
InvalidateRect
UpdateWindow
LoadStringA
RegisterClassExA
GetClientRect
SetRect
PostQuitMessage
SetWindowLongA
SystemParametersInfoA
DialogBoxIndirectParamA
GetDlgItem
GetWindow
SendMessageA
DestroyWindow
EndDialog
LoadIconA
SetDlgItemTextA
wsprintfA
GetWindowLongA
EndPaint

gdi32

DeleteObject
GetStockObject
CreateSolidBrush

shell32

SHGetSpecialFolderPathA
ShellExecuteExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81cdf8fd4d52c89e65ad698c45fb3fcc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 22KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 22KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB