481be50cd3d2162c9279b7ce0f9ce4ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

481be50cd3d2162c9279b7ce0f9ce4ef_JaffaCakes118
Size

348KB
MD5

481be50cd3d2162c9279b7ce0f9ce4ef
SHA1

e005d7d6ca65cecba03a7e22cf5356007bf6b7bd
SHA256

1c35818392f99e1ee11a6ec2dac203b9d7413bd1b9c182b37fec5f8ebd1d43c7
SHA512

fbf84a5d13f8c7cb6cf8360db28ea6f7a1a3685d8e32c36e5707e2dfb00824a306ff8fbf178c269be6cf4d02d78d6f13eb6de7de009090b8d28e2ebd7b856e78
SSDEEP

6144:n3vzBnXAVoNLMs40hfodZwu/H1UPUyo1W9QH/eI+k+/8HGieXhanXitBiMaVYFcI:n3vyVo6s40hfodqUH12U3pH/J+D8HGVb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
481be50cd3d2162c9279b7ce0f9ce4ef_JaffaCakes118

Files

481be50cd3d2162c9279b7ce0f9ce4ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3bef90931d4dd7c4e62ed2ba9de673a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
FillConsoleOutputCharacterA
GetLogicalDriveStringsA
HeapSummary
GetUserGeoID
GetEnvironmentStringsA
GetUserDefaultLangID
SetEndOfFile
GetTempPathA
lstrcmpiA
OpenEventA
GlobalUnWire
ReleaseSemaphore
GetEnvironmentVariableA
GetConsoleAliasesLengthA
GetProfileSectionA
HeapAlloc
HeapUnlock
GetConsoleAliasExesLengthA
GlobalMemoryStatusEx
_hread
GetDriveTypeA
ClearCommBreak
Heap32ListNext
IsBadStringPtrA
EnumTimeFormatsA
OpenThread
SizeofResource
LocalAlloc
GetFileTime
CreateFileMappingA
LZCopy
SetFilePointer
SetPriorityClass
GetDiskFreeSpaceA
GetThreadSelectorEntry
GetBinaryType
GetVersionExA
ReadFile
GetTickCount
OpenJobObjectA
UnlockFile
MapViewOfFileEx
VirtualAllocEx
FreeLibrary
GetConsoleTitleA
OpenWaitableTimerA
Module32Next
OpenMutexA
GetDllDirectoryA
GetSystemDirectoryA
GetConsoleOutputCP
SetDllDirectoryA
FileTimeToDosDateTime
GetFileSize
SetConsoleCursorPosition
DeleteTimerQueueEx
FindNextFileA
GetCurrentProcessId
IsBadWritePtr
LocalAlloc
UnregisterWait
GlobalCompact
RegisterWaitForInputIdle
ChangeTimerQueueTimer
GetFullPathNameA
CreateDirectoryA
SetDefaultCommConfigA
GetSystemDefaultLangID
FindCloseChangeNotification
VirtualAllocEx
GetThreadPriority
EscapeCommFunction
PeekNamedPipe
VerifyVersionInfoA
GetConsoleCursorInfo
HeapSize
RequestDeviceWakeup
FlushFileBuffers
VerifyVersionInfoA
GetUserDefaultUILanguage
GetFileType
SetInformationJobObject
DebugBreak
ShowConsoleCursor
GlobalSize
LZOpenFileA
GlobalSize
GetProcessVersion
GetEnvironmentStringsA
FindVolumeMountPointClose
lstrcat
ExitVDM
PeekConsoleInputA
IsBadStringPtrA
GetConsoleTitleA
CreateFileMappingA
GetFileSizeEx
VerifyVersionInfoA
GetVersionExA
FormatMessageA
GetDefaultCommConfigA
IsSystemResumeAutomatic
EndUpdateResourceA
GetNamedPipeHandleStateA
LocalShrink
LZInit
GetSystemTime
OutputDebugStringA
LockFile
GetLogicalDrives
ConnectNamedPipe
GetConsoleCommandHistoryLengthW
LocalLock
GetPriorityClass
PeekConsoleInputA
GetThreadContext
EnumSystemLanguageGroupsA
DisconnectNamedPipe
LocalShrink
GetTickCount
GlobalAddAtomA
GetSystemTime
ExitThread
CreateSemaphoreA
FlushConsoleInputBuffer
GetOverlappedResult
GetCurrentDirectoryA
DeleteTimerQueueTimer
LocalShrink
GetThreadContext
_lwrite
ReplaceFile
GetVolumePathNameA
GetFileInformationByHandle
PeekConsoleInputA
GetConsoleCursorInfo
GetTickCount
UpdateResourceA
IsValidLocale
SetComputerNameExA
_llseek
OpenFileMappingA
GetTapeStatus
SetConsoleNumberOfCommandsA
GetPrivateProfileStringA
lstrcatA
HeapDestroy
GetLogicalDrives
ChangeTimerQueueTimer
WriteConsoleOutputA
ProcessIdToSessionId
ReadConsoleA
GetProcessVersion
EndUpdateResourceA
GetCurrentThreadId
VerifyVersionInfoA
SetLocalPrimaryComputerNameA
GetVolumePathNamesForVolumeNameA
OpenEventA
GetLongPathNameA
WriteConsoleOutputA
VirtualUnlock
lstrcmpi
EnumResourceLanguagesA
EnumUILanguagesA
GetUserDefaultUILanguage
lstrcmpA
GetCurrentProcess
GetProcessShutdownParameters
WriteConsoleOutputA
SetConsoleKeyShortcuts

user32

PrivateExtractIconExA
LockWindowUpdate
ShowWindowAsync
CreateAcceleratorTableA
ChangeDisplaySettingsExW
DrawEdge
OemKeyScan
GetOpenClipboardWindow
EnableScrollBar
GetRawInputDeviceList
DefFrameProcA
OpenDesktopA
UnregisterMessagePumpHook
ReleaseDC
TrackMouseEvent
SetCursorPos
SwitchDesktop
CreateWindowStationA
SetParent
LoadImageA
SetMenuItemBitmaps
TrackMouseEvent
EndPaint
LockWindowUpdate
EditWndProc
GetCursor
GetThreadDesktop
GetWindowTextA
IsCharAlphaNumericA
CalcMenuBar
DrawIconEx
OpenWindowStationA
OpenInputDesktop
GrayStringA
KillTimer
GetCursorInfo
DrawTextExW
SetCapture
GetListBoxInfo
SendMessageA
ShowCursor
SetProcessWindowStation
PostMessageA
IsCharUpperA
DestroyMenu
CharUpperBuffA
ChangeMenuA
GetTaskmanWindow
SendMessageTimeoutA
AdjustWindowRect
InvertRect
DestroyMenu
DlgDirListComboBoxA
RegisterClipboardFormatA
IsServerSideWindow
IsDialogMessageA
DrawStateA
DlgDirSelectComboBoxExA
DefWindowProcA
LoadCursorFromFileA
SendDlgItemMessageA
CreateMDIWindowA
GetPropA
DefWindowProcA
EnumWindows
SetFocus
SendMessageCallbackA
GetClipboardData
IsDialogMessageA
IsClipboardFormatAvailable
CallMsgFilterA
ToAscii
PostQuitMessage
LoadImageA
MessageBoxTimeoutA
GetGUIThreadInfo
OemToCharBuffW
HiliteMenuItem
AnimateWindow
TrackPopupMenuEx
SetWindowLongA
ArrangeIconicWindows

advapi32

IsValidSid

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 180KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3bef90931d4dd7c4e62ed2ba9de673a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: - Virtual size: 3KB

.text Size: 180KB - Virtual size: 448KB

.idata Size: 96KB - Virtual size: 94KB

.rsrc Size: 68KB - Virtual size: 65KB

.itext
Size: - Virtual size: 3KB

.text
Size: 180KB - Virtual size: 448KB

.idata
Size: 96KB - Virtual size: 94KB

.rsrc
Size: 68KB - Virtual size: 65KB