4ab617eb636d838f4c0d6a060afab13a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4ab617eb636d838f4c0d6a060afab13a_JaffaCakes118
Size

137KB
MD5

4ab617eb636d838f4c0d6a060afab13a
SHA1

1f90bd3035cbea8c053ed6fe5535faf219adb906
SHA256

80cf4dc4aa7f0f7acc73df43b9cf575807d0887d876729a69cbacb96f886c748
SHA512

a939be62fa393c78f39fc2784749cb7dc0f784967806ea1ed7ff16905b4ea36b719b96a1f1e6504123dfffe23fa796c7b15ab9d711a456673310d3a96f526640
SSDEEP

3072:MSmyNaOxsEnbiD+D0BL9Bj6OD0Di5Bs7ZbLoL0ZcgL:8wxsV+0lz6+0mTKNLoLor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ab617eb636d838f4c0d6a060afab13a_JaffaCakes118

Files

4ab617eb636d838f4c0d6a060afab13a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e66461602f6b7d51f0fba30c1e1f62ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

QueryPerformanceCounter
FormatMessageA
GlobalLock
GetModuleHandleA
RtlUnwind
VirtualProtect
VirtualAlloc
GetLocalTime
GlobalUnlock
GetStartupInfoA

msvcrt

_acmdln
time
clearerr
__setusermatherr
__getmainargs
_stat
log10
_snprintf
exit
__p__commode
isxdigit
_adjust_fdiv
__set_app_type
__p__fmode
_setjmp
ftell
wcscat
atexit
_kbhit
_itoa
_except_handler3
_initterm
log
_controlfp
__p__environ
_XcptFilter
__p___initenv

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerInstallFileW
VerInstallFileA
GetFileVersionInfoSizeW

advapi32

RegCreateKeyExW
RegDeleteValueA
SetSecurityDescriptorOwner
RegCloseKey
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteValueW
RegOpenKeyExW

user32

SetWindowsHookExA
LoadCursorA
ReleaseDC
RemoveMenu
ReleaseCapture
PostQuitMessage
KillTimer
GetActiveWindow
CharNextA
LoadIconA

gdi32

GetObjectType
GetTextFaceA
CreateDCA
CloseEnhMetaFile
SetDIBColorTable
GetEnhMetaFilePaletteEntries
OffsetRgn
EnumEnhMetaFile
ArcTo
GetDeviceCaps
GetMetaFileBitsEx

ole32

GetRunningObjectTable
CreateBindCtx
CoRegisterMessageFilter
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemRealloc
CoUninitialize
CreateItemMoniker
CreateILockBytesOnHGlobal
RevokeDragDrop

oleaut32

SysFreeString
VariantCopy
CreateErrorInfo
SafeArrayGetElement
GetErrorInfo
SysAllocStringByteLen
GetActiveObject
SafeArrayPtrOfIndex
VariantClear
SetErrorInfo

shell32

SHGetFileInfo
SHGetDiskFreeSpaceExW
DragFinish
SHGetFolderPathA
DragQueryFileA
SHGetSpecialFolderLocation

comctl32

ImageList_GetBkColor
PropertySheetW
ImageList_Write
ImageList_AddMasked
ImageList_Create

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e66461602f6b7d51f0fba30c1e1f62ab

Headers

File Characteristics

Imports

kernel32

msvcrt

version

advapi32

user32

gdi32

ole32

oleaut32

shell32

comctl32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 101KB - Virtual size: 100KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 101KB - Virtual size: 100KB