4b6c76264c42e98f4bc8396fda72d56b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4b6c76264c42e98f4bc8396fda72d56b_JaffaCakes118
Size

716KB
MD5

4b6c76264c42e98f4bc8396fda72d56b
SHA1

defab831a8576cf33e8fa954b760ece187b30d98
SHA256

2100d5ef813115a4678440dc3f423dfb823f2b8ef2a405f6bbb5f84f39674776
SHA512

9ae3aa6414f2d622200997896668345777a1a804bc47da7f788b15660486bcc52dc9dbb64e229d1736f89302314bc416010d02df4acf9a08fd6aef1486405c62
SSDEEP

12288:eqk6R0od82TVEGeuG2zCww/pujRV0d9mZ8WOa+oxWqbRWka:eYR0e82yn/oCN/pYj0dEZ87+xRbR9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b6c76264c42e98f4bc8396fda72d56b_JaffaCakes118

Files

4b6c76264c42e98f4bc8396fda72d56b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb63dab4c6b5c8ade631a851e7a8af9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate
RpcStringFreeA
UuidToStringA
UuidCreateSequential

comdlg32

CommDlgExtendedError
PrintDlgA
GetOpenFileNameA

kernel32

GetModuleHandleA
ExitProcess
GetFileType
GetModuleHandleW
LoadLibraryA
QueryPerformanceCounter
GetCPInfo
InterlockedDecrement
GetTickCount
InitializeCriticalSection
InterlockedIncrement
TlsGetValue
GetACP
LoadLibraryW
GetTimeFormatA
InterlockedExchange
CloseHandle
TlsSetValue
HeapReAlloc
HeapAlloc
UnhandledExceptionFilter
GetStartupInfoW
VirtualFree
SetLastError
GetSystemTimeAsFileTime
Sleep
GetEnvironmentStrings
GetModuleFileNameA
FlushFileBuffers
ReadFile
CompareStringA
GetStartupInfoA
DeleteCriticalSection
TlsFree
IsDebuggerPresent
GetVersionExA
SetFilePointer
GetModuleFileNameW
CompareStringW
MultiByteToWideChar
GetStdHandle
CreateMutexW
GetCommandLineW
TerminateProcess
GetConsoleMode
WriteConsoleA
LeaveCriticalSection
CreateFileA
GetCurrentProcess
TlsAlloc
RaiseException
GetDateFormatA
HeapFree
FreeEnvironmentStringsA
GetConsoleOutputCP
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress
GetTimeZoneInformation
SetHandleCount
SetUnhandledExceptionFilter
IsValidCodePage
LCMapStringW
HeapCreate
LCMapStringA
GetLastError
WriteFile
GetCommandLineA
WriteConsoleW
GetConsoleCP
EnterCriticalSection
GetLocaleInfoA
WideCharToMultiByte
RtlUnwind
VirtualQuery
HeapSize
VirtualAlloc
HeapDestroy
SetStdHandle
GetStringTypeA
GetOEMCP
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
GetEnvironmentStringsW
SetEnvironmentVariableA

ole32

OleTranslateAccelerator
CLSIDFromProgID
OleCreateLinkFromData
OleGetIconOfClass
OleUninitialize
OleGetClipboard
OleCreateFromFile
IsAccelerator
OleSaveToStream
OleCreateMenuDescriptor
OleSetMenuDescriptor
OleCreate
OleSave
OleCreateLinkToFile
OleDestroyMenuDescriptor
OleDuplicateData
CoRegisterMessageFilter

gdi32

GetDeviceCaps
GetTextMetricsA
GetMapMode
ExtTextOutW
GetObjectW
GetViewportExtEx
SetBkMode
GetStockObject
SetWindowExtEx
CreateDIBSection
RestoreDC
SetROP2
BitBlt
SetTextColor
ExcludeClipRect
StartPage
GetTextExtentPoint32W
MoveToEx
CreatePen
CopyMetaFileW
SetMapMode
EnumFontFamiliesExW
GetTextMetricsW
SelectClipRgn
StretchDIBits
RealizePalette
CreateCompatibleBitmap
DPtoLP
SetViewportExtEx
CreateRectRgnIndirect
CreateBitmap
DeleteObject
CreateCompatibleDC
ScaleWindowExtEx
EndDoc
LineTo
EndPage
CreateFontIndirectW
SetTextAlign
GetClipBox
GetBkColor
Polyline
GetRgnBox
CreateDCW
RectVisible
IntersectClipRect
PatBlt
GetBkMode
SetBkColor
SetStretchBltMode
SetViewportOrgEx
Ellipse
CreateRectRgn
GetCharWidthW
GetTextColor
CreatePatternBrush
ExtSelectClipRgn
PtVisible
GetWindowExtEx
StretchBlt
SetPixel
RoundRect
CreateSolidBrush
SelectPalette
CombineRgn
SaveDC
SelectObject
SetWindowOrgEx
CreateFontW
Rectangle
OffsetViewportOrgEx
TextOutW
GetPixel
Polygon
DeleteDC
Escape
GetDIBits
ScaleViewportExtEx

user32

LoadAcceleratorsW
SetFocus
DestroyIcon
wsprintfW
LoadStringW
EnableMenuItem
PostMessageW
SetDlgItemTextW
LoadBitmapW
SetTimer
GetWindowThreadProcessId
WindowFromPoint
CopyRect
RegisterClassW
GetClientRect
RegisterClassExW
GetCapture
ScreenToClient
SetWindowTextW
GetWindow
LoadIconW
IsZoomed
GetSystemMetrics
DestroyAcceleratorTable
GetNextDlgTabItem

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb63dab4c6b5c8ade631a851e7a8af9e

Headers

File Characteristics

Imports

rpcrt4

comdlg32

kernel32

ole32

gdi32

user32

Sections

.text Size: 108KB - Virtual size: 105KB

.rdata Size: 476KB - Virtual size: 474KB

.data Size: 96KB - Virtual size: 107KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 476KB - Virtual size: 474KB

.data
Size: 96KB - Virtual size: 107KB

.rsrc
Size: 32KB - Virtual size: 29KB