49a852c87c03d369695ba2e58e5b03b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49a852c87c03d369695ba2e58e5b03b0_JaffaCakes118
Size

300KB
MD5

49a852c87c03d369695ba2e58e5b03b0
SHA1

eb975f8bb0d80bd6092bb679186b117b62d61533
SHA256

5af61f6a02fd8c74f8ffd5991220bfef78bbdad699b096932a7c1add0a07fb4a
SHA512

8c66f951de21c8c16fb0cc2fff1cbbf689af8dec70aca641cc5e235277ac2269d3d7b2b79ceb8a79173ac283713be2ca6086fe8e6c482baa1eca3e843b48d071
SSDEEP

6144:4KJerQ2xdpXD0dwGQFE5ApTHywq3Nhzi3Gv11J/iruAu:JJer1R0lQEyp+3N5N11J/irb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49a852c87c03d369695ba2e58e5b03b0_JaffaCakes118

Files

49a852c87c03d369695ba2e58e5b03b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3db05a8131b677cfac32041e4de82c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cep

Imports

kernel32

HeapDestroy
WriteConsoleA
GetStartupInfoA
GetConsoleCP
VirtualQuery
SetUnhandledExceptionFilter
LCMapStringA
IsValidLocale
GetEnvironmentStringsW
EnumSystemLocalesA
WriteConsoleW
TlsFree
RtlUnwind
VirtualFree
Sleep
WritePrivateProfileSectionW
CloseHandle
InterlockedDecrement
UnhandledExceptionFilter
GetEnvironmentVariableW
MultiByteToWideChar
HeapReAlloc
GetStringTypeA
GetFileType
TlsGetValue
SetFilePointer
CompareStringW
LeaveCriticalSection
GetUserDefaultLCID
GetTickCount
WideCharToMultiByte
IsValidCodePage
LoadLibraryA
SetConsoleCtrlHandler
ReadConsoleInputA
CreateMutexA
ExitProcess
DeleteCriticalSection
GetCurrentProcessId
WriteFile
InterlockedIncrement
SetHandleCount
GetProcAddress
LCMapStringW
EnterCriticalSection
GetCurrentThreadId
GetSystemTimeAsFileTime
FreeLibrary
GetStringTypeW
GetCurrentProcess
HeapCreate
SetStdHandle
FreeEnvironmentStringsA
FlushFileBuffers
GetTimeZoneInformation
GetACP
GetStdHandle
HeapFree
GetDateFormatA
GetModuleHandleA
SetEnvironmentVariableA
ReadFile
CompareStringA
IsDebuggerPresent
OpenMutexA
GetEnvironmentStrings
VirtualAlloc
GetConsoleOutputCP
QueryPerformanceCounter
TlsAlloc
GetCPInfo
GetCurrentThread
CreateFileA
HeapAlloc
GetTimeFormatA
GetConsoleMode
GetLocaleInfoA
GetLocaleInfoW
SetConsoleScreenBufferSize
GetLastError
HeapSize
SetLastError
InterlockedExchange
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetCommandLineA
GetModuleHandleW
GetModuleFileNameA
TerminateProcess
GetOEMCP
TlsSetValue

user32

RegisterClassExA
GetWindowRgn
LoadCursorW
InsertMenuW
CheckRadioButton
SetWindowLongW
FindWindowA
GetSubMenu
CallMsgFilter
SendDlgItemMessageW
RealChildWindowFromPoint
ModifyMenuW
CreateIconFromResource
RemovePropA
AdjustWindowRect
SendNotifyMessageW
CreateDesktopW
GrayStringW
RegisterClassA
SetForegroundWindow
LoadCursorFromFileW
SwitchToThisWindow
RedrawWindow
ScreenToClient

comctl32

GetEffectiveClientRect
ImageList_ReplaceIcon
CreateStatusWindowW
ImageList_GetIconSize
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_Duplicate
ImageList_LoadImage

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3db05a8131b677cfac32041e4de82c6

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 92KB - Virtual size: 113KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 92KB - Virtual size: 113KB

.rsrc
Size: 20KB - Virtual size: 18KB