4b340e7db3a8a977b7dd12f3566cf0f5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b340e7db3a8a977b7dd12f3566cf0f5_JaffaCakes118
Size

2.4MB
MD5

4b340e7db3a8a977b7dd12f3566cf0f5
SHA1

c6d2d5e00135b901f398caef46cf4a5d6cd4d713
SHA256

9137f67d0d2595703ddb71a8724bbd8919dd9cc82184c80d97adfcf68f24c809
SHA512

4f8441562cd0e7dc134f22d166dd33a558b24027bc76750e45128ddae0110d99a2868b7a085e755c12371385c066cddea38e0a967b172d0350724f1db01a0c31
SSDEEP

49152:ysyf8nrBCbbTpSFzEsLb2cTcZ12WkRv6I32NxUIwwCbsDL7snuoOx+:yscmupIEsmwcifZi+ongnlOx+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b340e7db3a8a977b7dd12f3566cf0f5_JaffaCakes118

Files

4b340e7db3a8a977b7dd12f3566cf0f5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

57440282cba9c9e6585a047a24a28275

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InflateRect
GetUpdateRect
ModifyMenuW
CreateAcceleratorTableW
CheckMenuRadioItem
RemovePropA
DialogBoxParamW
GetNextDlgGroupItem
ChangeMenuA
SetMenuItemBitmaps
GetKeyState
FillRect
DestroyWindow
SetCursor
GetMessageTime
SetCursorPos
LoadBitmapW
LoadStringW
AdjustWindowRectEx
RemoveMenu
DestroyMenu
IsMenu
GetWindowRect
GetWindowLongA
InsertMenuW
RedrawWindow

gdi32

GetMetaFileA
RectVisible
CreateSolidBrush
GetFontData
SetBkColor
GetObjectA
CreateDiscardableBitmap
CreateRectRgnIndirect
EnumFontFamiliesW
EnumFontsW
Ellipse
PtInRegion
UpdateColors
DeleteObject
CreateBrushIndirect
MoveToEx
CreateFontW
SelectObject

kernel32

GetLocaleInfoW
MultiByteToWideChar
GetShortPathNameA
GetPrivateProfileIntW
GlobalFree
CreateSemaphoreW
GetSystemInfo
MapViewOfFile
LoadLibraryExA
CreateWaitableTimerW
GetTimeFormatW
CompareFileTime
CreateMutexA
GetCPInfoExA
GetSystemDefaultLCID
GlobalUnlock
SleepEx
LoadLibraryA
FindResourceW
GlobalAlloc
VirtualQueryEx
GlobalSize
WaitForSingleObject
GetTickCount
SetEndOfFile
GetTimeZoneInformation
WaitForSingleObjectEx

crypt32

CertCloseStore
CryptProtectData
CertOpenStore
CryptHashPublicKeyInfo
CertFindCertificateInStore
CertFreeCertificateContext

comdlg32

GetFileTitleW
ChooseFontW
FindTextW
ChooseColorW
PrintDlgExW
GetOpenFileNameW
GetSaveFileNameW
GetOpenFileNameA
CommDlgExtendedError
PageSetupDlgW

msvcrt

exit
fflush
memcpy
floor
wcscspn
towlower
fgetwc
getchar
memset
printf
swscanf
strrchr

winspool.drv

DeviceCapabilitiesW

Exports

Exports

_Format_SysMessages@8
_OwLqi_jkNvw_w@8
_BxG_muom_cwpylB@16
_RpL_xlvdg_B@4
_KaKnf_cajy_qBWp@4
_VgF_fQZBf_c@12
_ReCalc_Used_Data@12

Sections

.code
Size: 512B - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57440282cba9c9e6585a047a24a28275

Headers

File Characteristics

Imports

user32

gdi32

kernel32

crypt32

comdlg32

msvcrt

winspool.drv

Exports

Exports

Sections

.code Size: 512B - Virtual size: 6.5MB

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 1024B - Virtual size: 736B

.code
Size: 512B - Virtual size: 6.5MB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 1024B - Virtual size: 736B