4b1902290ab8c1b82375b7d08db336fe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4b1902290ab8c1b82375b7d08db336fe_JaffaCakes118
Size

192KB
MD5

4b1902290ab8c1b82375b7d08db336fe
SHA1

0fd85d7f98f07712974115cfe10c0c4b2e616f29
SHA256

a7a5f495c163ed8b80d03c7b6685d97d543f561679ee2c7c0ab8a6da232975ff
SHA512

bba7ec93aa55db93f9d1ee4f6005876b72f52dbf8d65cbb6a1ea73a2d20e858e0d19bf339ab1178e3d7a541ece5ed7e71eeadaf693aef519fd02a9f335734e92
SSDEEP

3072:GtB+nraxtsudTuWPDhTfIEBvMj2eBIDxUTewKMhGfcEl3odYY8rN:GtBBmcZjJOeTm3El3oN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b1902290ab8c1b82375b7d08db336fe_JaffaCakes118

Files

4b1902290ab8c1b82375b7d08db336fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e4c433dc326e1268ec9c43f5b7bdeb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetLengthSid
GetUserNameA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyA
RegLoadKeyA

ole32

CoGetContextToken
CreateBindCtx
StgCreateDocfileOnILockBytes
CoGetObjectContext
GetHGlobalFromStream
CLSIDFromString

comdlg32

FindTextA
GetSaveFileNameA
GetFileTitleA
ChooseColorA

msvcrt

asin
srand
wcstol
log10
wcscspn
memcpy
sprintf
log

oleaut32

SysStringLen
RegisterTypeLib
SafeArrayGetUBound

kernel32

CreateEventA
SetEvent
LocalReAlloc
GetProcAddress
VirtualAllocEx
Sleep
LocalFree
GetSystemDefaultLangID
FreeResource
SetThreadLocale
GetStdHandle
GetVersion
GetCurrentProcessId
FormatMessageA
IsBadHugeReadPtr
lstrlenW
LoadLibraryExA
VirtualAlloc
GetFileAttributesA
ExitThread
CloseHandle
SetErrorMode
VirtualFree
GetModuleHandleA
FreeLibrary
LocalAlloc
LockResource
DeleteCriticalSection
CreateThread
GlobalFindAtomA
GetCurrentProcess
GetStringTypeA
lstrcmpA
HeapAlloc
WriteFile
ResetEvent
lstrcatA
lstrcpyA
GetCommandLineW
SetLastError
GetCurrentThread
MulDiv
GlobalDeleteAtom
CreateFileA
SizeofResource
WideCharToMultiByte
GetLastError
GetACP
GetVersionExA
DeleteFileA
MoveFileExA
LoadResource
SetHandleCount
ExitProcess
GetFullPathNameA
CreateThread
GlobalFindAtomA
GetOEMCP
ResetEvent
ExitProcess
GetStringTypeA
GetProcAddress
EnumCalendarInfoA
CreateEventA
GetStdHandle
GetModuleHandleW
SetThreadLocale
CreateFileA
SetEvent
WriteFile
LocalReAlloc
FindFirstFileA
GetCurrentProcess
GetLocaleInfoA
GetProcessHeap
GetEnvironmentStrings
GetModuleFileNameA
VirtualFree
GetFileAttributesA
FreeLibrary
CompareStringA
FindResourceA
EnterCriticalSection
GetCurrentProcessId
LocalFree
lstrcpyA
InitializeCriticalSection
GetDiskFreeSpaceA
GetLocalTime
LoadLibraryExA
lstrcmpA
LoadLibraryA
SetHandleCount
GlobalAlloc
lstrlenA
Sleep
VirtualAlloc
SizeofResource
MulDiv
HeapFree
GetSystemDefaultLangID
GetThreadLocale
LocalAlloc
GetVersionExA
GlobalDeleteAtom
MoveFileA
ReadFile
WaitForSingleObject
lstrlenW
GetSystemDefaultLangID
ExitThread
CloseHandle
GetVersionExA
lstrcpynA
GetACP
FreeLibrary
LoadLibraryExA
HeapAlloc
HeapFree
WideCharToMultiByte
MoveFileA
ReadFile
lstrcatA
GetCommandLineW
GetCommandLineA
GetCurrentThreadId
GetStartupInfoA
GetLocaleInfoA
GetCurrentProcessId
GetModuleHandleA
ExitProcess
GetCPInfo
GetOEMCP
IsBadHugeReadPtr
FindResourceA
GetLocalTime
VirtualQuery
GetTickCount
FindFirstFileA
SetEndOfFile
InitializeCriticalSection
GetLastError
VirtualAllocEx
CreateThread
GetFullPathNameA
GetEnvironmentStrings
SetHandleCount
GetCurrentProcess
GetProcAddress
SetThreadLocale
FreeResource
EnumCalendarInfoA
RaiseException
LocalFree
IsBadReadPtr
GlobalAlloc
lstrcmpA
FindClose
GetModuleHandleW
LoadLibraryA

gdi32

GetClipBox
CreatePalette
CreateDIBitmap
CreateDIBSection
GetDIBits
GetRgnBox

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA

shlwapi

SHDeleteValueA
PathFileExistsA

version

GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_GetBkColor
ImageList_Write
ImageList_Add
ImageList_Create
ImageList_Write
ImageList_Draw
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Destroy
ImageList_DrawEx
ImageList_Add
ImageList_Read

user32

CloseClipboard
SetScrollRange
LoadIconA
SetCursor
TranslateMDISysAccel
wsprintfA
SetWindowPlacement
IsWindowUnicode
DispatchMessageA
GetParent
DrawTextA
SetClassLongA
CreateMenu
GetScrollRange
IntersectRect
RedrawWindow
LoadBitmapA
CallNextHookEx
EnableMenuItem
RemoveMenu
IsRectEmpty
EnableScrollBar
SetParent

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e4c433dc326e1268ec9c43f5b7bdeb5

Headers

File Characteristics

Imports

advapi32

ole32

comdlg32

msvcrt

oleaut32

kernel32

gdi32

shell32

shlwapi

version

comctl32

user32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 117B

.bss Size: 12KB - Virtual size: 8KB

.ddata Size: 64KB - Virtual size: 62KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 117B

.bss
Size: 12KB - Virtual size: 8KB

.ddata
Size: 64KB - Virtual size: 62KB

.rsrc
Size: 8KB - Virtual size: 7KB