4b0f68825c78724f807908ed6a5e4f65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b0f68825c78724f807908ed6a5e4f65_JaffaCakes118
Size

487KB
MD5

4b0f68825c78724f807908ed6a5e4f65
SHA1

1a0202abdb0fc8898814f5b7f3bb150eac50e808
SHA256

c7c11eba0b594bf86e7dedcace91442db7b58121bd6b22da4ed6b6738167ed52
SHA512

3bd05b8a6be409ef519c860b8981124759d37a6ae9fafee670c1f4d4ca434c226beaf050b8324305e0a63f64045a9b0d1f83f62807b028270b571ec689eaf08b
SSDEEP

12288:D1ZtcEqwlkmz0WyDrL+Kex0b+rKuCnGKDw:D1ZtlkmwWyfL+KLyrcGKDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b0f68825c78724f807908ed6a5e4f65_JaffaCakes118

Files

4b0f68825c78724f807908ed6a5e4f65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a784e34b6fb7dc7154a1ffb6fdb7ebfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SwapMouseButton
CountClipboardFormats
RegisterClassExA
DlgDirSelectExA
DestroyWindow
PostThreadMessageA
SendIMEMessageExW
RegisterClassA
ArrangeIconicWindows
CharToOemBuffW
IsWindowVisible
VkKeyScanA
GetAsyncKeyState
GetClassInfoExW
IsCharLowerA
CreateAcceleratorTableA
LoadStringW

wininet

InternetWriteFile
FindNextUrlCacheEntryExA
InternetReadFileExA
InternetTimeToSystemTimeA
InternetShowSecurityInfoByURLA
InternetAttemptConnect
UpdateUrlCacheContentPath

comctl32

InitCommonControlsEx

kernel32

CreateMutexA
GetThreadTimes
TlsGetValue
LoadLibraryA
WideCharToMultiByte
CompareStringA
SetConsoleCtrlHandler
InterlockedCompareExchange
GetCurrentProcessId
CreateRemoteThread
EnterCriticalSection
VirtualQuery
SetHandleCount
SetConsoleActiveScreenBuffer
GetLastError
EnumResourceTypesA
FlushFileBuffers
SetLastError
InterlockedIncrement
GetCurrentProcess
LCMapStringA
LeaveCriticalSection
RtlUnwind
lstrlenW
GetFileType
VirtualAlloc
GetVersionExW
HeapValidate
GetFileAttributesW
CompareStringW
GetEnvironmentStringsW
GetTimeZoneInformation
GetSystemTime
TlsAlloc
WriteFileEx
OpenMutexA
GetCommandLineA
TlsSetValue
GetProcessHeap
HeapFree
HeapAlloc
GetLocalTime
GetOEMCP
CreateMailslotW
GetVersion
SetFilePointer
InitializeCriticalSection
FileTimeToDosDateTime
IsBadReadPtr
InterlockedDecrement
FreeEnvironmentStringsW
GetACP
GetSystemTimeAsFileTime
WriteProfileStringW
GetStartupInfoA
HeapCreate
HeapDestroy
ReadFile
GetProcAddress
SetEnvironmentVariableA
HeapReAlloc
GetConsoleMode
GetCPInfo
GetStringTypeA
WriteFile
GlobalUnfix
FindResourceExA
ReadConsoleInputW
ExitProcess
UnhandledExceptionFilter
GetStringTypeW
GetStdHandle
GetCurrentThread
GetCurrentThreadId
GetTickCount
GetModuleFileNameA
TlsFree
SetStdHandle
HeapLock
VirtualFree
OutputDebugStringA
GetEnvironmentStrings
RtlMoveMemory
DeleteCriticalSection
InterlockedExchange
IsBadWritePtr
LocalFileTimeToFileTime
LCMapStringW
QueryPerformanceCounter
CloseHandle
FreeEnvironmentStringsA
GlobalCompact
DebugBreak
EnumResourceTypesW
GetModuleHandleA
MultiByteToWideChar
GetPriorityClass
TerminateProcess

advapi32

LookupAccountSidW
StartServiceA
DuplicateToken
RegQueryInfoKeyW

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a784e34b6fb7dc7154a1ffb6fdb7ebfc

Headers

File Characteristics

Imports

user32

wininet

comctl32

kernel32

advapi32

Sections

.text Size: 339KB - Virtual size: 339KB

.rdata Size: 33KB - Virtual size: 42KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 339KB - Virtual size: 339KB

.rdata
Size: 33KB - Virtual size: 42KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 11KB - Virtual size: 11KB