49f648b493af28fde90fd55e2a256829_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49f648b493af28fde90fd55e2a256829_JaffaCakes118
Size

380KB
MD5

49f648b493af28fde90fd55e2a256829
SHA1

84432fa6f350dcfee680876a470721d7a10dcfe6
SHA256

2ecb2121b889321d4e1bbc8cb9a49a6b7790c5c4bf60281496498e592db469f6
SHA512

d3b238e8e4fbb886c6b9d972bea91debb7bdf7b605b00a30cd2f68ba3a1df5a7cdc08a50e74a897f48d0f6f4e690cc84112975762135b9fb6707d7b0549d1567
SSDEEP

6144:C9fWvgtvbfvdwUQnq/f9D5FR5CWUIaoevMyprQjxAux79K3J:o7TixnYD5XEWUIaLtQyGkZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49f648b493af28fde90fd55e2a256829_JaffaCakes118

Files

49f648b493af28fde90fd55e2a256829_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4ffbc40049f2a0fc19dcd30f3ca45ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleFileNameA
GetLocaleInfoW
GetOEMCP
GetTimeZoneInformation
GetEnvironmentStrings
OpenMutexA
FreeEnvironmentStringsA
TlsFree
GetThreadSelectorEntry
HeapSize
LCMapStringA
DuplicateHandle
FreeEnvironmentStringsW
EnterCriticalSection
ExitProcess
GetStringTypeA
GetProcAddress
LeaveCriticalSection
GetModuleHandleA
TlsGetValue
SetStdHandle
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
CreateMutexA
GetSystemTimeAsFileTime
WriteFile
GetLastError
GlobalGetAtomNameA
HeapReAlloc
ReadFile
GetProcAddress
TlsSetValue
CreateDirectoryA
UnhandledExceptionFilter
TlsAlloc
InitializeCriticalSection
GetProfileSectionA
GetUserDefaultLCID
GetACP
IsBadWritePtr
IsValidCodePage
FillConsoleOutputCharacterW
GetStartupInfoW
InterlockedExchange
LCMapStringW
GetTickCount
GetFileType
lstrcatA
GetModuleFileNameW
GetEnvironmentStringsW
CompareStringA
CompareStringW
HeapCreate
VirtualAlloc
RaiseException
GetTimeFormatA
RtlUnwind
FlushInstructionCache
CloseHandle
EnumSystemLocalesA
GetLocaleInfoA
VirtualProtect
SetHandleCount
VirtualFree
GetVersionExA
GetCommandLineW
HeapDestroy
HeapFree
TerminateProcess
QueryPerformanceCounter
SetLastError
GetStdHandle
GetCurrentProcess
GetStartupInfoA
HeapValidate
LocalAlloc
SetEnvironmentVariableW
ReadConsoleA
SetCurrentDirectoryA
VirtualQuery
GetCPInfo
HeapAlloc
FlushFileBuffers
WideCharToMultiByte
GetCommandLineA
MultiByteToWideChar
GetSystemTime
SetEnvironmentVariableA
GetSystemInfo
GetCurrentThread
IsValidLocale
DeleteCriticalSection
GetAtomNameW
GetStringTypeW
SetFilePointer
GlobalHandle
GetCurrentProcessId

user32

CharPrevA
RegisterClassA
KillTimer
WINNLSGetEnableStatus
EnumDesktopsA
OpenIcon
BroadcastSystemMessageW
TabbedTextOutW
RegisterClassExA
SetForegroundWindow
FlashWindow
UnhookWindowsHookEx

comctl32

InitCommonControlsEx

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4ffbc40049f2a0fc19dcd30f3ca45ef

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 8KB - Virtual size: 24KB

.data Size: 176KB - Virtual size: 175KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 8KB - Virtual size: 24KB

.data
Size: 176KB - Virtual size: 175KB

.rsrc
Size: 8KB - Virtual size: 8KB