Static task: static1
Behavioral task: behavioral1
Sample: 4a75e00e7e3778e9a4f5d11a45f077bb_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 4a75e00e7e3778e9a4f5d11a45f077bb_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 4a75e00e7e3778e9a4f5d11a45f077bb_JaffaCakes118
Size: 5.8MB
MD5: 4a75e00e7e3778e9a4f5d11a45f077bb
SHA1: 2288c56f7bfbaac72dea0981445d5ea5e716c43b
SHA256: 86bf6b5fb87a41ff7eeb2f789338bd3a58d4854c2608bb7a72f443e79b50fbcc
SHA512: f6c722b15cb0abf8cf3c0805532c87640e2023218bb293e669a2deb7c6a98c4be81d698c1e1f7aab55de06d53281f3d01838045645f5259730ecb9e74eb13a01
SSDEEP: 98304:Ke1r1r3IIv8mUt45HYd2770gxyK8kneJcoWxhwhZrdtt7I4aXyWm0H0UQzsHtM:K4Rr3nzK4ZYd2j8bKhQhVd0H0UsGe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4a75e00e7e3778e9a4f5d11a45f077bb_JaffaCakes118
Files
4a75e00e7e3778e9a4f5d11a45f077bb_JaffaCakes118.exe windows:4 windows x86 arch:x86
1ef6cf1518920166054ea1aa6abdd66f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_SetBkColor
ImageList_EndDrag
ImageList_SetOverlayImage
ImageList_BeginDrag
user32
TabbedTextOutW
GetAncestor
GetWindowTextA
LoadMenuIndirectW
CreateAcceleratorTableW
DefFrameProcW
CloseDesktop
SendMessageCallbackW
ShowCaret
DestroyCursor
TranslateMessage
GetSystemMenu
FillRect
GetMessageExtraInfo
SetClassLongA
RegisterWindowMessageW
UnregisterClassA
keybd_event
RegisterClassExW
SetWindowPos
CopyRect
oleaut32
SysStringLen
SafeArrayUnaccessData
SysFreeString
SafeArrayPutElement
VariantChangeType
kernel32
CompareStringA
LeaveCriticalSection
FreeResource
SetThreadPriorityBoost
SetHandleCount
ExitProcess
GetSystemTimeAdjustment
DeleteFiber
SetMailslotInfo
GetThreadPriority
SetVolumeLabelA
GetUserDefaultLangID
GetProfileStringA
GetCommandLineW
SetEnvironmentVariableA
GetModuleHandleA
DebugBreak
ScrollConsoleScreenBufferA
PurgeComm
GlobalAddAtomW
GetCPInfo
AllocConsole
DeleteCriticalSection
WritePrivateProfileStructA
IsDBCSLeadByteEx
GetSystemDefaultLangID
FindFirstFileW
CloseHandle
LocalFileTimeToFileTime
GetCommModemStatus
ConnectNamedPipe
OutputDebugStringW
LocalAlloc
GlobalGetAtomNameW
OpenMutexA
FlushConsoleInputBuffer
WriteProcessMemory
SetThreadLocale
SetCommTimeouts
CreateMutexA
SetEnvironmentVariableW
SetTimeZoneInformation
SetConsoleCursorPosition
WritePrivateProfileSectionA
GlobalFindAtomA
GetEnvironmentVariableW
CreateFileW
FillConsoleOutputCharacterA
ReadConsoleOutputA
GetStringTypeExW
GetFileInformationByHandle
LoadLibraryExW
GetDateFormatA
GetProfileIntA
SetConsoleOutputCP
FreeLibraryAndExitThread
EnumSystemCodePagesW
SuspendThread
ws2_32
WSAGetServiceClassNameByClassIdW
WSASetLastError
WSAAsyncGetProtoByNumber
WSALookupServiceEnd
WSASendDisconnect
WSAAddressToStringW
accept
recv
advapi32
GetNamedSecurityInfoW
CryptSignHashW
RegRestoreKeyW
OpenServiceA
RegQueryValueExA
CryptDestroyHash
GetSecurityInfo
CryptImportKey
RegSetValueExA
CryptGetKeyParam
CryptHashData
CloseEventLog
IsTextUnicode
MakeSelfRelativeSD
RegisterServiceCtrlHandlerW
SetSecurityDescriptorSacl
ClearEventLogW
RegConnectRegistryA
RegOpenKeyA
DestroyPrivateObjectSecurity
StartServiceA
Sections
.text Size: 19KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ