49fd3505303e2c999c41c3d735bbd0fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49fd3505303e2c999c41c3d735bbd0fa_JaffaCakes118
Size

73KB
MD5

49fd3505303e2c999c41c3d735bbd0fa
SHA1

1ac5f5fd999cf898517f31503a82ada2f028ba10
SHA256

af76b5627cca676cad33eee37cce02b1fdf6bd48e6d04631532e2f421ab5f518
SHA512

e4d4f06b096473c78e0535867b259c8928d1d76c8939fa5a9ab9df3fe7bf2bfdf021cb8e89285974c1c10b9041ab0f2425a677df59dff5f9e040812c0f6400ca
SSDEEP

1536:Scz7TW4MYlQqk9USqB7HrtrYSIykkWz7HABfB1f:dqYlVx/BHuSmFOfz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49fd3505303e2c999c41c3d735bbd0fa_JaffaCakes118

Files

49fd3505303e2c999c41c3d735bbd0fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d5734086ed14684c25b1411d04a9066

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
EnumResourceTypesW
FindFirstFileExW
SetEnvironmentVariableA
lstrcpyW
PrepareTape
IsBadWritePtr
GetConsoleAliasA
SearchPathW
VirtualAlloc
SetStdHandle
ReadConsoleOutputAttribute
lstrcmpiA
GetPrivateProfileSectionNamesW
GetVolumeInformationW
GetProfileSectionA
PeekConsoleInputW
GetCurrentDirectoryW
FindAtomW
GetConsoleAliasExesLengthA
WideCharToMultiByte
OpenConsoleW
CallNamedPipeW
MapViewOfFile
GetShortPathNameW
ScrollConsoleScreenBufferW
GetFileType
RtlZeroMemory
GetThreadSelectorEntry
IsDebuggerPresent
ReadConsoleInputExA
GetFileAttributesW
TlsAlloc
VirtualQuery
DisableThreadLibraryCalls
SetConsoleOutputCP
GetEnvironmentStringsA
CompareStringW

user32

SetMenuItemBitmaps
SetWindowRgn
GetClassNameW
CharNextA
ShowOwnedPopups
IsRectEmpty
SetCursor
DrawTextExW
ShowCaret
OpenIcon
SetDlgItemTextA
SetRectEmpty
GetClassInfoW
SetDlgItemInt
GetClientRect
SetConsoleReserveKeys

gdi32

PatBlt
AddFontResourceW
GetPixel
SetGraphicsMode
PolyBezier
GetColorAdjustment
ExtEscape
SetBkColor
GetDIBColorTable
CancelDC
Escape
SaveDC
GetKerningPairsA
GetStockObject
GdiConvertMetaFilePict
cGetTTFFromFOT
StartDocW
Polyline
GetGlyphOutlineA
GetTextColor
GdiCleanCacheDC
GetFontResourceInfoW
GetCharacterPlacementW

ole32

CoQueryReleaseObject
OleQueryLinkFromData
IIDFromString
HBRUSH_UserSize
IsAccelerator
OleDraw
WdtpInterfacePointer_UserSize
WdtpInterfacePointer_UserFree
OleNoteObjectVisible
CoInitializeSecurity
CoCopyProxy
SNB_UserMarshal
HPALETTE_UserFree
GetClassFile
HACCEL_UserFree
CoGetInstanceFromFile
OleCreateFromData
CoInitializeEx

Sections

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 2KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 62KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9d5734086ed14684c25b1411d04a9066

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Sections

.data Size: 4KB - Virtual size: 8KB

BSS Size: 2KB - Virtual size: 80KB

.text Size: 62KB - Virtual size: 156KB

.idata Size: 4KB - Virtual size: 72KB

.data
Size: 4KB - Virtual size: 8KB

BSS
Size: 2KB - Virtual size: 80KB

.text
Size: 62KB - Virtual size: 156KB

.idata
Size: 4KB - Virtual size: 72KB