49667300917200a38df853b92b3a60b8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49667300917200a38df853b92b3a60b8_JaffaCakes118
Size

19KB
MD5

49667300917200a38df853b92b3a60b8
SHA1

931b7fcd0815d4996b48d58f9cbb05096f885367
SHA256

5fa2a2a848636f1a6f67e164b3d0c312a7b9914d53e92d12f7c9bbf003b439ff
SHA512

d3abd8e0a1b54de832995d0cee59d26b8bf5d54ee3a00d21b732c11562864ead80d890e43d45404290f7a526c2995538a8efe15130beeac765eaef2789dc9fba
SSDEEP

192:aRlviVZY5aMRIDIU66g76Ww1Pz3WvUCFuS+vkT+BrSFRLdqfkhoc9Q8+c5Vmh2EB:mZDIDIiI6W6UUnf4RJqfQVpn4t3B4a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49667300917200a38df853b92b3a60b8_JaffaCakes118

Files

49667300917200a38df853b92b3a60b8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e35869d820fe86ae59a4a6975217ac8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddConsoleAliasA
BeginUpdateResourceW
ClearCommError
CommConfigDialogW
CopyFileA
CreateEventA
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateNamedPipeW
DebugBreak
DefineDosDeviceA
DeleteTimerQueueEx
EndUpdateResourceW
EnumCalendarInfoExW
EnumDateFormatsExW
EnumSystemCodePagesA
EnumSystemLanguageGroupsW
EnumTimeFormatsA
FindFirstFileA
FreeLibrary
GetCPInfo
GetCalendarInfoA
GetCommTimeouts
GetCompressedFileSizeW
GetComputerNameA
GetComputerNameExA
GetConsoleAliasesLengthA
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetDateFormatW
GetEnvironmentStrings
GetFileAttributesExA
GetLastError
GetLogicalDrives
GetNamedPipeInfo
GetOEMCP
GetPrivateProfileStructA
GetStdHandle
GetSystemDefaultLCID
GetTempPathA
GetThreadTimes
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetProcAddress
GlobalGetAtomNameA
HeapDestroy
IsBadCodePtr
IsDebuggerPresent
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalCompact
LocalFileTimeToFileTime
MoveFileExW
Process32NextW
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleA
RtlUnwind
SetCommState
SetComputerNameW
SetConsoleCursor
SetConsoleCursorPosition
SetConsoleDisplayMode
SetConsoleWindowInfo
SetFileApisToOEM
SetFileAttributesA
SetFileAttributesW
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetVolumeMountPointA
SetVolumeMountPointW
SleepEx
SwitchToFiber
UnhandledExceptionFilter
VerifyVersionInfoA
VirtualFree
VirtualUnlock
WaitCommEvent
WaitForSingleObjectEx
WinExec
WritePrivateProfileStructW
lstrcat
lstrcmpA
lstrcpyA
lstrcpyW
lstrcpynW
lstrlenA
ExitProcess
GetVolumeInformationW
GetModuleHandleA

msvcrt

memset

advapi32

RegOpenKeyA
RegOpenKeyExA

ole32

CLIPFORMAT_UserSize
CLSIDFromString
CoAddRefServerProcess
CoAllowSetForegroundWindow
CoCancelCall
CoCopyProxy
CoCreateInstanceEx
CoFileTimeNow
CoFreeAllLibraries
CoFreeLibrary
CoGetClassVersion
CoImpersonateClient
CoInstall
CoLoadLibrary
CoLockObjectExternal
CoMarshalHresult
CoQueryProxyBlanket
CoRegisterMessageFilter
CoResumeClassObjects
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoUnmarshalHresult
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateClassMoniker
CreateDataAdviseHolder
CreateDataCache
EnableHookObject
GetHGlobalFromILockBytes
HACCEL_UserMarshal
HACCEL_UserSize
HBRUSH_UserFree
HBRUSH_UserMarshal
HBRUSH_UserSize
HDC_UserFree
HDC_UserUnmarshal
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserUnmarshal
HICON_UserFree
HMENU_UserFree
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserSize
HPALETTE_UserUnmarshal
IIDFromString
MkParseDisplayName
MonikerCommonPrefixWith
MonikerRelativePathTo
OleCreateDefaultHandler
OleCreateFromFileEx
OleCreateMenuDescriptor
OleCreateStaticFromData
OleDestroyMenuDescriptor
OleDoAutoConvert
OleDuplicateData
OleFlushClipboard
OleInitializeWOW
OleIsRunning
OleLockRunning
OleNoteObjectVisible
OleRegEnumFormatEtc
OleRegGetUserType
OleSetMenuDescriptor
RevokeDragDrop
SNB_UserMarshal
SNB_UserUnmarshal
StgConvertPropertyToVariant
StgCreatePropSetStg
StgCreatePropStg
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenPropStg
StgOpenStorageEx
StgSetTimes
StringFromCLSID
StringFromGUID2
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
WriteOleStg

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e35869d820fe86ae59a4a6975217ac8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

ole32

Sections

.text Size: 7KB - Virtual size: 6KB

.text4 Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 96B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 6KB

.text4
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 96B

.rsrc
Size: 2KB - Virtual size: 1KB