48cf2ef0dabdbd4f20a8edcc7bc2362e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

48cf2ef0dabdbd4f20a8edcc7bc2362e_JaffaCakes118
Size

252KB
MD5

48cf2ef0dabdbd4f20a8edcc7bc2362e
SHA1

29d94dc705a743c25af1a004f2f439b3e87ddd21
SHA256

0ad00df3a66d596447fe350c3c0303acab891c7348a2c8bd1448240d0204e68b
SHA512

ee08766bdd8b13beff1f3e4caa10f46860d5f3077c5bd57e35c22cb91f5c34d2b3becadda29583283113c7746eca6af1e2249d9e7835a029c72d5abbdff6df8b
SSDEEP

6144:tMdAuci0Pq4WWC19dhl7AWpcEl6tcP+pIovCjcXN5C:tMb0PQX9n6WpchtNpIoKgN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48cf2ef0dabdbd4f20a8edcc7bc2362e_JaffaCakes118

Files

48cf2ef0dabdbd4f20a8edcc7bc2362e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d44dc4e017f93e280b11cee912b9442

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
SetSystemTime
FileTimeToLocalFileTime
GetBinaryTypeA
DeleteCriticalSection
ScrollConsoleScreenBufferA
ReadConsoleInputW
ExitProcess
CancelIo
EnumCalendarInfoW
PulseEvent
QueryDosDeviceW
GetVersionExA
GetCommandLineA
lstrlenA
VirtualAlloc

user32

CharToOemBuffA
CallWindowProcW
CreatePopupMenu
SendInput
SendNotifyMessageW
CharPrevW
SendDlgItemMessageW
CheckDlgButton
LoadKeyboardLayoutA
EmptyClipboard
RegisterClipboardFormatA
GetCursorPos
GetTitleBarInfo
GetKeyState
EnumDisplayDevicesA
GetDlgItemTextA
AdjustWindowRect
LoadMenuIndirectW
ChildWindowFromPoint
IsCharAlphaW
ExcludeUpdateRgn
TrackPopupMenuEx
SetActiveWindow
GetCaretPos
GetDialogBaseUnits
ShowWindowAsync
SystemParametersInfoW
SetWindowPlacement
InsertMenuItemW
GetClipboardFormatNameA
GetSysColorBrush
IsWindowUnicode
GetProcessWindowStation
RegisterWindowMessageA
EnableMenuItem
GetKeyboardType
TranslateMDISysAccel
InvertRect
SetCapture
IsIconic
SetUserObjectInformationW
GetTabbedTextExtentA
MessageBoxIndirectW
SetParent
SetWindowTextW
DialogBoxIndirectParamA
GetMenu
IsCharUpperW
DrawTextExA
AdjustWindowRectEx
ClientToScreen
IsDialogMessageW
VkKeyScanW
IsCharUpperA
DrawFrameControl
MonitorFromRect
GetMonitorInfoW
AttachThreadInput
SetWindowTextA
GetGuiResources

gdi32

CreatePenIndirect
TranslateCharsetInfo
UpdateColors
GetCharWidthW
GetBkMode
PolyBezierTo
GetEnhMetaFilePaletteEntries
SetViewportOrgEx
CreateEnhMetaFileA
FillRgn

advapi32

AddAccessDeniedAce
DeleteService
RegQueryInfoKeyW
CryptGetProvParam
GetServiceDisplayNameW
ObjectCloseAuditAlarmW
NotifyChangeEventLog
IsValidSid
AddAce
RegDeleteKeyW

shell32

DragQueryPoint
SHLoadInProc

ole32

CoQueryProxyBlanket
WriteClassStg
ReadFmtUserTypeStg
CoImpersonateClient
OleFlushClipboard
CoRegisterClassObject
CreateBindCtx
OleSaveToStream

oleaut32

SysAllocStringLen
SafeArrayGetElement
SysStringLen

comctl32

ImageList_LoadImageA
ImageList_BeginDrag
ord17
ImageList_GetDragImage

shlwapi

StrCmpIW
PathFileExistsA
UrlGetPartA
PathFindNextComponentW
PathRemoveExtensionW
PathAddBackslashW
SHRegOpenUSKeyW
StrChrW
StrFormatByteSizeW
StrCmpNA
StrFormatByteSizeA
UrlIsW
PathIsUNCW
PathStripToRootA
PathAppendA
StrStrW
SHAutoComplete
SHGetValueA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d44dc4e017f93e280b11cee912b9442

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 232KB - Virtual size: 229KB