Static task
static1
Behavioral task
behavioral1
Sample
4a5fe9a801f2af8a37b44dd90f7100f9_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
4a5fe9a801f2af8a37b44dd90f7100f9_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
4a5fe9a801f2af8a37b44dd90f7100f9_JaffaCakes118
Size
143KB
MD5
4a5fe9a801f2af8a37b44dd90f7100f9
SHA1
47ab921ba196eb7e5c22bf3112fb3a4fa0f1f3c5
SHA256
c1a6c037d8c6ff23690af18c92fe0a41473faec62018b9040256907f6e128b06
SHA512
e26ed6c643e974a8ce6f59b8a668c865d775715377eec62f378bebcb8488143399c2f4a1295f1e725dfce5a3339d86e980ce8d5d2ef97d8daa38573430c6a5a1
SSDEEP
3072:KQnabReGyb1awB4R3kqpxQtV6dlQalOXUOvMYlx+R/CFzgKAo6y:1aIb/B4FksBlMzXT+1CFzNh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4a5fe9a801f2af8a37b44dd90f7100f9_JaffaCakes118
Files
4a5fe9a801f2af8a37b44dd90f7100f9_JaffaCakes118.exe windows:5 windows x86 arch:x86
1ed1246c92e2e0f16b137f5dc44d100f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetDiskFreeSpaceA
lstrcpynA
GetConsoleOutputCP
lstrcatA
lstrcpyA
GetLocalTime
IsBadReadPtr
IsDebuggerPresent
GetStartupInfoA
GetTempFileNameA
VirtualProtect
lstrcmpA
FreeEnvironmentStringsW
ExitProcess
OpenProcess
SetHandleCount
GetCommandLineW
GetModuleHandleA
msvcrt
_wcsicmp
exit
_except_handler3
_initterm
__p__commode
__set_app_type
__p__fmode
_controlfp
_flsbuf
__getmainargs
fopen
_wcsupr
_XcptFilter
_setjmp3
_errno
__setusermatherr
iswctype
_getcwd
fgets
log
calloc
_acmdln
_adjust_fdiv
user32
CreateMenu
TrackPopupMenu
GetScrollPos
MessageBoxA
CharLowerA
GetMessageA
FrameRect
GetCursorPos
GetWindowThreadProcessId
GetKeyState
SendMessageA
EndPaint
shell32
ShellExecuteA
SHBrowseForFolder
SHGetFileInfo
SHGetFileInfoA
SHFileOperationA
SHBindToParent
Shell_NotifyIconW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
ShellExecuteExA
DragFinish
SHGetPathFromIDListA
advapi32
CryptGenRandom
AddAccessAllowedAce
SetSecurityDescriptorOwner
CloseServiceHandle
RegOpenKeyW
RegQueryInfoKeyW
InitializeSecurityDescriptor
GetUserNameA
SetSecurityDescriptorGroup
comctl32
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_Write
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_Read
ImageList_AddMasked
ImageList_Destroy
ImageList_Remove
ImageList_GetBkColor
version
GetFileVersionInfoA
VerInstallFileW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerLanguageNameA
gdi32
GetClipBox
DeleteDC
AbortDoc
GetWindowExtEx
RemoveFontResourceA
GetPaletteEntries
Polygon
CreateDIBSection
PlayMetaFile
GetTextFaceW
ole32
CoFreeUnusedLibraries
DoDragDrop
ReleaseStgMedium
CLSIDFromString
IIDFromString
OleSetClipboard
OleDraw
oleaut32
VariantClear
SafeArrayGetElement
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayPtrOfIndex
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ