49aae1d9bedaecd262ca3846f09d07be_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

49aae1d9bedaecd262ca3846f09d07be_JaffaCakes118
Size

252KB
MD5

49aae1d9bedaecd262ca3846f09d07be
SHA1

67fdec0aa808030ae52463124763877b04f42ade
SHA256

9bb2fbcc440aeebf29eb69e5ecdc9c93177ed56d48a87f6ba6a0c29e7f79fe8d
SHA512

ac1b4a491cbb23706a2699360ce2f9148a08bea74528e94e87d026735b10a4d759b9966c3a3d26facd009b0efa27e7ba191326147a306b77a8d442c6f41685d4
SSDEEP

6144:gBdI5ku47SQd+vLmjCpx0Rncxeit6/e2zTCjz:GerMgvLmMYTr/3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49aae1d9bedaecd262ca3846f09d07be_JaffaCakes118

Files

49aae1d9bedaecd262ca3846f09d07be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

034f4c74cb4da394056c3ebeb0caa03e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
ReadConsoleA
EnumResourceLanguagesW
EnumResourceNamesW
DeleteCriticalSection
VirtualUnlock
WaitNamedPipeA
ReadDirectoryChangesW
CopyFileExW
GetPrivateProfileSectionW
GetCompressedFileSizeW
SetProcessAffinityMask
lstrcmpiW
SetEvent
GetDateFormatA
AllocConsole
GetDiskFreeSpaceW
GetSystemTimeAdjustment
IsBadWritePtr
WritePrivateProfileSectionA
WriteConsoleOutputCharacterA
GetTempPathW
_lread
DeleteFiber
ReadConsoleInputW
GetModuleFileNameW
GetCurrentDirectoryW
GetProfileStringA
FreeLibrary
QueryDosDeviceA
GetCommConfig
GenerateConsoleCtrlEvent
FatalAppExitA
SystemTimeToFileTime
_hread
CreateDirectoryW
LoadLibraryExW
SetFileAttributesA
PurgeComm
GetProfileIntA
SetTimeZoneInformation
SetConsoleOutputCP
VirtualProtect
GetNumberFormatW
SetConsoleMode
SetThreadPriorityBoost
MoveFileW
GetLocaleInfoW
WritePrivateProfileSectionW
IsValidLocale
FindFirstFileExW
CreateEventA
GetStartupInfoA
GetProcessTimes
GlobalFree
LocalFileTimeToFileTime
RemoveDirectoryA
GetProcessHeap
FindFirstFileA
FileTimeToLocalFileTime
GetComputerNameW
SetHandleCount
GetVolumeInformationW
PeekConsoleInputW
CreateFileW
IsBadStringPtrA
GetOverlappedResult
lstrcmpA
SetProcessShutdownParameters
GetConsoleMode
VirtualAllocEx
GetLargestConsoleWindowSize
GetSystemInfo
GlobalGetAtomNameW
PeekNamedPipe
GetCPInfo
GetSystemTime
GetFileInformationByHandle
GetCommandLineA
GetVersionExA
VirtualAlloc
GetAtomNameA
ExitProcess

user32

IsCharAlphaNumericW
GetDlgItemTextW
GrayStringW
SwapMouseButton
HiliteMenuItem
CreateAcceleratorTableW
GetDC
MapWindowPoints
SendMessageCallbackW
ChangeMenuA
MenuItemFromPoint
RegisterClassA
SetScrollRange
SetPropW
GetKeyboardLayoutList
EnumDisplayDevicesW
SetSysColors
GetClassNameW
SetDlgItemTextW
CheckRadioButton
UnhookWinEvent
SetFocus
CreateDialogIndirectParamW

gdi32

CreateDIBSection
GetOutlineTextMetricsA
TranslateCharsetInfo
GetCharacterPlacementW
SetROP2
DeleteDC
SetEnhMetaFileBits
Pie
PolyBezierTo
TextOutW
CopyMetaFileW
CreateRectRgnIndirect
GetDCOrgEx
OffsetRgn
CreateHalftonePalette
GetCurrentObject
CreateICA
EnumEnhMetaFile
GetWinMetaFileBits
SetBitmapDimensionEx

advapi32

RegisterEventSourceA
CreatePrivateObjectSecurity
GetSecurityDescriptorLength
EnumDependentServicesA
ObjectCloseAuditAlarmW
RegNotifyChangeKeyValue
AbortSystemShutdownA
GetSidLengthRequired
InitializeSid
GetSidSubAuthorityCount
StartServiceCtrlDispatcherW
AccessCheckAndAuditAlarmA
IsTextUnicode
RegDeleteValueA
CryptDestroyKey

shell32

SHGetDesktopFolder
SHBrowseForFolderA

oleaut32

VariantChangeType
SafeArrayRedim
LoadTypeLi
SafeArrayPutElement
LoadTypeLibEx
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayCreate

comctl32

ImageList_GetIconSize
ImageList_DragShowNolock

shlwapi

PathAppendA
PathCanonicalizeW
StrCpyW
PathIsUNCW
StrRetToStrW
PathFindOnPathW
PathQuoteSpacesW
PathUndecorateW
PathFindExtensionW
SHRegGetBoolUSValueA
SHRegCreateUSKeyW
wvnsprintfW
StrCmpNW
StrDupW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

034f4c74cb4da394056c3ebeb0caa03e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 229KB