4b3e3f37f462f1a1bd20d5108fe283e5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b3e3f37f462f1a1bd20d5108fe283e5_JaffaCakes118
Size

235KB
MD5

4b3e3f37f462f1a1bd20d5108fe283e5
SHA1

b4789c04ca36963008c5fd0ad137ec15e84a415a
SHA256

4a2f316ddc5a7caa9dfcb585dda26b2f61b3df538b1a85b2a07cd1cb0dc4bad4
SHA512

8e48b84010e1ae5c68881d342fbf89b352a6ae999c72a5d6f0c2fefaa908eac4fc121611e827a5ad76bcb7b49710815c2bc5a36c5dc4afbb928c8d30733f8580
SSDEEP

6144:GdGfMMpzSnWr2Kw9Cj8b+MBR73z2jXngJG:A6BzSKilbLRPEgJG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b3e3f37f462f1a1bd20d5108fe283e5_JaffaCakes118

Files

4b3e3f37f462f1a1bd20d5108fe283e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f3a145d3920e34d9cce188e561fd637

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCalendarInfoA
CreateMutexW
CompareFileTime
CreateDirectoryA
MultiByteToWideChar
lstrcpyW
DisconnectNamedPipe
GetSystemDefaultLangID
QueryPerformanceCounter
OpenMutexW
InitializeCriticalSection
GetLogicalDriveStringsW
SetLocaleInfoW
GetExpandedNameW
GetDiskFreeSpaceA
GetVersionExA
GetSystemDirectoryW
IsBadReadPtr
GetUserDefaultLCID
FatalAppExitA
lstrcmpW
GetTempFileNameW
GetTimeFormatA
GetModuleFileNameA
GetTimeFormatW
lstrlen
HeapCreate
OpenSemaphoreW
GetCurrentDirectoryA
GetProcAddress
RaiseException
OpenFile
IsBadCodePtr
ExpandEnvironmentStringsA
OpenMutexA
MulDiv
GetVolumeInformationW
GetEnvironmentStringsW
AddAtomA
GetTempPathW
LoadLibraryExA
GetShortPathNameA

user32

UpdateLayeredWindow
InvalidateRect
GetSysColorBrush
CreateDialogIndirectParamW
LoadIconA
DefWindowProcA
SetWindowPos
GetMenuInfo
DestroyMenu
RegisterClassExW
wvsprintfW
SendMessageW
CharLowerW

gdi32

CreateMetaFileW
CreateBitmapIndirect
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateRoundRectRgn
CreateFontA
CreateScalableFontResourceA
CreateICA
CreateSolidBrush

version

VerInstallFileA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoW

wininet

InternetOpenW
InternetSetDialStateW

inetcomm

MimeOleSMimeCapsFromDlg
MimeOleParseRfc822Address
EssMLHistoryDecodeEx
MimeOleGetBodyPropW

crypt32

CryptVerifyMessageHash
I_CryptUninstallAsn1Module
CertDuplicateCTLContext
CertCreateCertificateContext
CertSerializeCRLStoreElement

Sections

.ati
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RXgMGq
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lh
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HaP
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.EO
Size: 3KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 2KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DEqH
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EEFHI
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsG
Size: 9KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f3a145d3920e34d9cce188e561fd637

Headers

File Characteristics

Imports

kernel32

user32

gdi32

version

wininet

inetcomm

crypt32

Sections

.ati Size: 6KB - Virtual size: 5KB

.RXgMGq Size: 86KB - Virtual size: 85KB

.lh Size: 3KB - Virtual size: 7KB

.HaP Size: 12KB - Virtual size: 12KB

.EO Size: 3KB - Virtual size: 157KB

.d Size: 2KB - Virtual size: 36KB

.DEqH Size: 4KB - Virtual size: 5KB

.EEFHI Size: 85KB - Virtual size: 85KB

.rsG Size: 9KB - Virtual size: 263KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.ati
Size: 6KB - Virtual size: 5KB

.RXgMGq
Size: 86KB - Virtual size: 85KB

.lh
Size: 3KB - Virtual size: 7KB

.HaP
Size: 12KB - Virtual size: 12KB

.EO
Size: 3KB - Virtual size: 157KB

.d
Size: 2KB - Virtual size: 36KB

.DEqH
Size: 4KB - Virtual size: 5KB

.EEFHI
Size: 85KB - Virtual size: 85KB

.rsG
Size: 9KB - Virtual size: 263KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B