c:\e
Static task: static1
Behavioral task: behavioral1
  Sample: 49de5a64a40afd612dab89d90d6dba4d_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 49de5a64a40afd612dab89d90d6dba4d_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 49de5a64a40afd612dab89d90d6dba4d_JaffaCakes118
Size: 328KB
MD5: 49de5a64a40afd612dab89d90d6dba4d
SHA1: e5ba57b32a9e5719d943cde9182223152e8ce8fd
SHA256: 73a301786ed471a4add4a770f2b5e03e1e25d71fa7eb1636a6144f3796206f8c
SHA512: dc4b7c67362e35fd0bdfb07c249e15630baf4bbb1afbb6e90f844d1f7e67ad8f7cfcd9173337933d08ca8d3b669fe88b1e6cf698d1669c3135e6d64133e5bfcd
SSDEEP: 6144:mJLoIlPCtu5djvtC3lFWktcOaaZ9OSSuMtM:mJLoIgtqGXZ9+tM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 49de5a64a40afd612dab89d90d6dba4d_JaffaCakes118
Files
49de5a64a40afd612dab89d90d6dba4d_JaffaCakes118.exe windows:4 windows x86 arch:x86
f5578acedfb128b6e2ee6fd748ce1d2a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
CryptGetUserKey
RegQueryInfoKeyA
LookupAccountSidW
LookupSecurityDescriptorPartsW
LookupPrivilegeDisplayNameW
CryptDestroyHash
LookupAccountNameA
RegSetValueW
CryptDestroyKey
RegConnectRegistryA
CryptHashData
StartServiceA
CryptGetHashParam
RegDeleteKeyW
RegQueryValueExA
GetUserNameA
user32
DefWindowProcA
ShowWindow
GetKeyNameTextA
DialogBoxParamW
PostThreadMessageA
MapVirtualKeyExW
EnumDesktopsA
SetWindowsHookA
SetClassWord
DlgDirListA
FlashWindow
DestroyWindow
GetWindowTextW
CharNextW
PostThreadMessageW
ShowScrollBar
DdeKeepStringHandle
LoadBitmapW
AppendMenuA
BlockInput
RegisterClassA
ChildWindowFromPoint
SetScrollPos
MessageBoxA
CreateWindowExW
CharNextExA
ValidateRgn
RegisterClassExA
GetAncestor
comctl32
ImageList_Draw
ImageList_Create
ImageList_DrawIndirect
ImageList_LoadImageA
ImageList_GetIcon
ImageList_DragMove
ImageList_SetFilter
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_SetFlags
kernel32
GetLastError
GetProcAddress
FlushFileBuffers
SetHandleCount
HeapDestroy
CompareStringW
IsBadReadPtr
GetStdHandle
GetCPInfo
GetEnvironmentStrings
SetConsoleCtrlHandler
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetModuleFileNameA
SetStdHandle
GetSystemInfo
RtlUnwind
SetFilePointer
WriteFile
GetEnvironmentStringsW
CloseHandle
GetStartupInfoA
InterlockedDecrement
TlsGetValue
GetModuleHandleA
GetTimeZoneInformation
CreateMutexA
SetLastError
GetLocaleInfoA
TerminateProcess
GetCurrentProcess
VirtualFree
TlsSetValue
HeapFree
HeapValidate
UnhandledExceptionFilter
HeapAlloc
GetOEMCP
GetCurrentThread
GetStartupInfoW
GetTickCount
ReadFile
GetFullPathNameA
VirtualProtect
HeapReAlloc
SetEnvironmentVariableA
EnterCriticalSection
GetFileType
GetCurrentProcessId
GetCurrentThreadId
OutputDebugStringA
DeleteCriticalSection
GetCommandLineA
TlsFree
MultiByteToWideChar
IsBadWritePtr
FlushInstructionCache
TlsAlloc
GetModuleFileNameW
GetLocaleInfoW
InterlockedIncrement
InitializeCriticalSection
lstrcmpW
VirtualQuery
InterlockedExchange
IsValidCodePage
LCMapStringW
DebugBreak
QueryPerformanceCounter
GetTimeFormatA
LCMapStringA
ExitProcess
FreeEnvironmentStringsA
LeaveCriticalSection
OpenMutexA
VirtualAlloc
GetStringTypeW
GetCommandLineW
GetUserDefaultLCID
FreeEnvironmentStringsW
GetStringTypeA
CompareStringA
GetUserDefaultLangID
HeapCreate
IsValidLocale
LoadLibraryA
GetACP
WideCharToMultiByte
GetDateFormatA
GetVersionExA
Sections
.text Size: 116KB - Virtual size: 114KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ