Static task
static1
Behavioral task
behavioral1
Sample
488aa831b1aaee72d133be3ec156a203_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
488aa831b1aaee72d133be3ec156a203_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
488aa831b1aaee72d133be3ec156a203_JaffaCakes118
Size
300KB
MD5
488aa831b1aaee72d133be3ec156a203
SHA1
bd40a9eab9adf6fafe9710e778ea05a510ca6132
SHA256
27d2d7358fff712b74623d0a1ac4abd4a38c3805447839f08df5695e4e3aca4b
SHA512
dcdfcba50dd7e0381374518e97c7e159f3c414e79b4b2a8b1ec95aa184dc67ced6aa4adae83c1c64f32583f51ca18cfbf50ff1f367f43a8df01424f8af49a431
SSDEEP
6144:WLtPJ8nQ3GbhRX9FOBcDxUbpBSeP08bPJto2Ifl+QnDGF9:WLr8neSh13xDxUbDvsuMlflnSF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 488aa831b1aaee72d133be3ec156a203_JaffaCakes118
Files
488aa831b1aaee72d133be3ec156a203_JaffaCakes118.exe windows:4 windows x86 arch:x86
44e830251e88b68de1dfb105149f696d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
VirtualProtect
GetSystemTimeAdjustment
GetBinaryTypeW
GetDiskFreeSpaceW
ReadConsoleA
GetComputerNameW
GetLongPathNameA
ExitThread
GetModuleHandleA
VirtualAlloc
GetStartupInfoA
user32
SystemParametersInfoW
CreateDialogIndirectParamA
CheckMenuRadioItem
DefFrameProcW
gdi32
PolyBezierTo
EnumFontFamiliesExA
CreatePatternBrush
SelectObject
CreateFontW
SetBrushOrgEx
GetTextCharsetInfo
StartDocA
comdlg32
FindTextA
ChooseColorW
advapi32
GetPrivateObjectSecurity
CryptReleaseContext
BuildTrusteeWithSidW
SetThreadToken
CryptExportKey
UnlockServiceDatabase
AddAce
CryptDestroyKey
StartServiceCtrlDispatcherW
ChangeServiceConfigW
ChangeServiceConfigA
OpenServiceW
AddAccessAllowedAce
StartServiceA
OpenEventLogW
RegCreateKeyExW
CreateProcessAsUserA
CryptVerifySignatureA
RegGetKeySecurity
RegReplaceKeyW
DuplicateToken
RegNotifyChangeKeyValue
GetCurrentHwProfileW
NotifyChangeEventLog
CopySid
ObjectCloseAuditAlarmW
CryptSetKeyParam
CreateServiceA
CryptDecrypt
AdjustTokenPrivileges
GetSidSubAuthority
AddAccessDeniedAce
ControlService
RegDeleteValueW
GetServiceKeyNameW
shell32
FindExecutableW
ExtractIconExW
ole32
OleSetMenuDescriptor
oleaut32
SafeArrayGetElement
SafeArrayGetLBound
SysAllocStringLen
SetErrorInfo
QueryPathOfRegTypeLi
SafeArrayUnaccessData
LoadTypeLi
VariantChangeType
SysStringLen
comctl32
_TrackMouseEvent
shlwapi
UrlCanonicalizeW
UrlCombineW
PathGetCharTypeW
SHEnumValueW
PathStripPathA
StrCmpW
PathAppendW
StrFormatByteSizeW
SHStrDupW
PathAddBackslashW
StrPBrkW
PathUnquoteSpacesW
SHAutoComplete
PathIsUNCA
PathFindFileNameA
PathIsDirectoryEmptyW
SHRegCreateUSKeyW
msvcrt
_controlfp
__setusermatherr
_initterm
__getmainargs
_except_handler3
__set_app_type
_acmdln
exit
_XcptFilter
_exit
_adjust_fdiv
__p__commode
__p__fmode
Sections
.text Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 284KB - Virtual size: 283KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE