4b18b0241df205d76ba9c2fbaceb31d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b18b0241df205d76ba9c2fbaceb31d5_JaffaCakes118
Size

325KB
MD5

4b18b0241df205d76ba9c2fbaceb31d5
SHA1

255f17a247dcaf373f74aa6fb3b10dc8500938b6
SHA256

ea1dd4737f29bdb8211e0f25256babbe1bb495a36acfc4e3d77681c504d3d9d4
SHA512

87c16ea6210016f0a851623b921b83ddc0789a3aa00619adff9fd4115ef122653eb6eaf8fb89785f3d788aa6f89be916c29e61734a0406731090fce3c731c3f3
SSDEEP

6144:N5GWL7weEqLuXsIUP7txm0zzVlu+la9auw6JLZ6yeTC4IgIW4y:MLsIuXmoBo+6aQtneT8gZb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b18b0241df205d76ba9c2fbaceb31d5_JaffaCakes118

Files

4b18b0241df205d76ba9c2fbaceb31d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7e8027360e5e53e48a10e717ad142c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetModuleHandleW
GetModuleHandleA
GetLastError
GetProcAddress
LoadLibraryW
SetLastError
OutputDebugStringA
LoadLibraryA
ExpandEnvironmentStringsW
lstrcatW
GlobalMemoryStatusEx
lstrlenA
GetVersionExW
TerminateProcess
GetModuleFileNameW
SetEnvironmentVariableW
MultiByteToWideChar
HeapSetInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter
lstrlenW
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetCommandLineA
GlobalFree
VirtualProtect
GetCurrentProcess
GlobalAlloc

user32

SetDlgItemTextW
SendDlgItemMessageW
wsprintfW
MessageBeep
IsWindowEnabled
ReleaseDC
ShowWindow
SetWindowTextW
GetDlgItemInt
CheckDlgButton
IsDlgButtonChecked
WinHelpW
MessageBoxW
LoadStringW
GetParent
SendMessageW
SetFocus
GetDlgItem
EnableWindow
EndDialog
LoadImageW
MapDialogRect
SetDlgItemInt

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW

gdi32

DeleteObject

ole32

CoCreateInstance
OleRun
CoQueryProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoGetInterfaceAndReleaseStream
CoInitializeEx
CoRegisterSurrogateEx
CLSIDFromString
CoUninitialize

msvcr71

_XcptFilter
_exit
_c_exit
_ismbblead
exit
_acmdln
_initterm
_amsg_exit
_cexit
_controlfp
_stricmp
wcsncmp
ceil
wcsncpy
wcsstr
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
__getmainargs
wcsncat
wcscat
free
wcscpy
swprintf
_itow
swscanf
_except_handler3

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7e8027360e5e53e48a10e717ad142c1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 288KB - Virtual size: 287KB

.data Size: 4KB - Virtual size: 286KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 288KB - Virtual size: 287KB

.data
Size: 4KB - Virtual size: 286KB

.rsrc
Size: 1KB - Virtual size: 1KB