4b4e23c58922f4b0dceb3b3902e8aa2e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b4e23c58922f4b0dceb3b3902e8aa2e_JaffaCakes118
Size

248KB
MD5

4b4e23c58922f4b0dceb3b3902e8aa2e
SHA1

38c4ebb488ffabc6d2d067f74b7580eac33fa127
SHA256

291c38fedf25b962fcbfb3eaed5216a75e05d01f9a542ec438d204212703c534
SHA512

354ebb8c5c0df16192b2344af27fea48c0d56c8bc2809b225120bad4c5b4b05075730e0fc423892742be26614e5b76b4180c15f310177fb647137387f38e1bd7
SSDEEP

3072:Gi5+8pugCdPL0cQLRadLQFIvmeVXzmrGmeCAGioVVY4gxeQxhZ427zWLu/R8OVZa:GZ8pmUmMFNUK6Ai77AsbdzOOk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b4e23c58922f4b0dceb3b3902e8aa2e_JaffaCakes118

Files

4b4e23c58922f4b0dceb3b3902e8aa2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52f94a2555519e5dbb45511f7e7a5e4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalReAlloc
CreateFileW
_hread
SetThreadAffinityMask
GetDriveTypeW
GetFileInformationByHandle
UnmapViewOfFile
lstrcmpiW
GetCPInfo
SetEnvironmentVariableW
GetUserDefaultLangID
GetThreadContext
FlushConsoleInputBuffer
GetSystemTimeAdjustment
GlobalUnlock
GetFullPathNameA
WaitNamedPipeA
ReadConsoleInputW
PeekConsoleInputW
SetMailslotInfo
GetBinaryTypeA
_lclose
GetEnvironmentVariableW
PulseEvent
FlushFileBuffers
GetModuleFileNameW
_lread
GetCommandLineA
FreeLibraryAndExitThread
GetFileType
CreateEventA
SetStdHandle
GetSystemTime
lstrcpyA
GetUserDefaultLCID
GetBinaryTypeW
SetProcessShutdownParameters
_lopen
RemoveDirectoryW
GetCurrentProcessId
DosDateTimeToFileTime
GetProfileIntA
LocalLock
VirtualQueryEx
SetNamedPipeHandleState
DeleteFiber
SetCommTimeouts
SetThreadLocale
FormatMessageW
GetDiskFreeSpaceW
GlobalFindAtomA
SetupComm
LoadLibraryExW
GetCommConfig
GetComputerNameW
MoveFileW
CreateMutexW
GetSystemDirectoryW
GetWindowsDirectoryA
GlobalFree
LocalReAlloc
GetCurrentDirectoryW
GetStringTypeExW
OutputDebugStringA
EnumDateFormatsW
VirtualProtect
GetVersionExA
lstrlenA
VirtualAlloc
GetHandleInformation
ExitProcess

user32

UnregisterDeviceNotification
DeferWindowPos
GetMenuDefaultItem
BroadcastSystemMessageA
GetKeyboardLayoutNameW
CreateMenu
SetScrollInfo
GetDialogBaseUnits
OpenClipboard
ChangeMenuW
GetScrollPos
IsDialogMessageA
IsWindow
InflateRect
GetThreadDesktop
EnableWindow
RemoveMenu
GetNextDlgGroupItem
SetSysColors
GetDlgCtrlID
GetWindowWord
CharToOemW
EmptyClipboard
CreatePopupMenu
DrawMenuBar
SetCursorPos
ChangeDisplaySettingsExA
WindowFromDC
SetActiveWindow
wvsprintfA
MessageBeep
EnumDisplayDevicesA
SetPropA
GetScrollRange
MessageBoxExA
DialogBoxIndirectParamW
EndDeferWindowPos
IsIconic
DefFrameProcW
InvalidateRect
GetKeyboardLayout
MessageBoxIndirectW
UnhookWindowsHookEx
UnhookWindowsHook
GetQueueStatus
CallWindowProcW
CharUpperW

gdi32

GetLayout
SetTextCharacterExtra
SetWindowExtEx
PolyPolyline
Pie
RestoreDC
StrokePath
GetClipBox
SetWinMetaFileBits
ScaleViewportExtEx
SelectClipRgn
SetGraphicsMode
PolylineTo
SetSystemPaletteUse
PolyDraw
TranslateCharsetInfo
FillPath

advapi32

PrivilegeCheck
DeleteAce
IsValidSecurityDescriptor
OpenThreadToken
GetServiceDisplayNameW
OpenSCManagerA
UnlockServiceDatabase
RegSetValueExA
CreateProcessAsUserA
CryptGetUserKey
FreeSid
AbortSystemShutdownW
MakeAbsoluteSD
GetExplicitEntriesFromAclW
OpenServiceA
RegEnumKeyA
RegSetValueW
AccessCheckAndAuditAlarmA
RegLoadKeyW
RegCloseKey
RegUnLoadKeyA
GetSecurityDescriptorLength
RegDeleteValueA
CreateServiceA

shell32

DragFinish
SHAddToRecentDocs
SHBrowseForFolderA
SHGetSpecialFolderLocation

ole32

CreateStreamOnHGlobal
StringFromGUID2
CoRegisterClassObject
GetRunningObjectTable
StgCreateStorageEx
CoGetTreatAsClass
CoFreeAllLibraries
CoReleaseMarshalData
OleConvertIStorageToOLESTREAM

oleaut32

SetErrorInfo
SafeArrayPutElement
VariantCopy
QueryPathOfRegTypeLi
SafeArrayCreate
SafeArrayGetLBound
LoadTypeLi

shlwapi

StrToIntW
PathIsURLW
StrChrIW
PathIsUNCServerW
StrStrA
StrChrIA
StrStrIA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52f94a2555519e5dbb45511f7e7a5e4c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 232KB - Virtual size: 229KB