4b5e9d2cba4803935ab7b93f8d58aa39_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4b5e9d2cba4803935ab7b93f8d58aa39_JaffaCakes118
Size

920KB
MD5

4b5e9d2cba4803935ab7b93f8d58aa39
SHA1

4a2e96dcb9caa4e370cc01ff0f10d6a00b503dfe
SHA256

f88e8999500bc6ec321df3407076d609317cd23b505cf5b823ac0975ccd62210
SHA512

dd3f335ed74883fd0b0594bfb338ffe654cf7a68b98dab6efdf4596baf5ae8b5f1965973fc9931b66fb63e0b2ac10db98922752e4436c7de354dc58b09824736
SSDEEP

12288:AWujBP0shQn7QYovgtVncPnlY5QQi5otBG+K0HRLFU5x1hyZAoycx954lF/DiwET:AWujpEEXotVcPKCQiGu+NxhU5rkybl8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b5e9d2cba4803935ab7b93f8d58aa39_JaffaCakes118

Files

4b5e9d2cba4803935ab7b93f8d58aa39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8f739d5a7a9c4ec84c8e13f6cd55055

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

kernel32

GetStdHandle
RtlUnwind
SetUnhandledExceptionFilter
OutputDebugStringW
GetEnvironmentStringsW
WriteConsoleW
ReadFile
SetConsoleCtrlHandler
GetModuleHandleA
IsValidCodePage
RaiseException
GetTimeZoneInformation
LoadLibraryW
HeapDestroy
FlushFileBuffers
GetTickCount
GetLocaleInfoA
InterlockedExchange
LCMapStringA
IsDebuggerPresent
InterlockedIncrement
GetLastError
ExitProcess
HeapAlloc
InitializeCriticalSection
TlsSetValue
UnhandledExceptionFilter
HeapCreate
SetStdHandle
InterlockedDecrement
GetCurrentProcess
DebugBreak
DeleteCriticalSection
SetHandleCount
HeapReAlloc
CloseHandle
GetOEMCP
CreateFileA
GetACP
WriteConsoleA
GetStringTypeW
GetTimeFormatA
FreeEnvironmentStringsW
TlsFree
GetCurrentProcessId
HeapFree
GetSystemTimeAsFileTime
GetCurrentThreadId
IsBadReadPtr
CompareStringW
GetFileType
EnterCriticalSection
GetConsoleOutputCP
FreeEnvironmentStringsA
GetProcessHeap
GetEnvironmentStrings
SetLastError
WriteFile
GetConsoleCP
GetStringTypeA
VirtualAlloc
SetFilePointer
MultiByteToWideChar
LoadLibraryA
CreateMutexA
OutputDebugStringA
LCMapStringW
TlsGetValue
TlsAlloc
WideCharToMultiByte
GetModuleFileNameW
GetCPInfo
VirtualFree
GetVersionExA
GetProcAddress
GetModuleFileNameA
CompareStringA
HeapValidate
GetCommandLineA
TerminateProcess
SetEnvironmentVariableA
VirtualQuery
GetStartupInfoA
GetDateFormatA
QueryPerformanceCounter
LeaveCriticalSection
GetConsoleMode

gdi32

BeginPath
ScaleWindowExtEx
StretchBlt
SetAbortProc
ExtSelectClipRgn
GetPixel
RealizePalette
CreateFontW
CreatePen
SelectObject
PtVisible
GetStockObject
ExtTextOutA
SetViewportOrgEx
ScaleViewportExtEx
CreateDIBitmap
GetViewportOrgEx
ExcludeClipRect
SetPixel
BitBlt
CreateSolidBrush
CreateDIBSection
Polygon
DeleteDC
EndPath

shell32

DragFinish
ord155
ShellExecuteA
SHGetFileInfoA

user32

LoadBitmapA
DestroyWindow
GetWindowLongA
ValidateRect
MessageBoxA
TabbedTextOutA
GetDlgItem
TrackPopupMenuEx
GetWindowPlacement
FillRect
GetNextDlgTabItem
MapWindowPoints
LoadIconA
SetTimer
WinHelpA
RegisterClassA
IsWindowEnabled
GetSysColor
GetParent
PeekMessageA
ShowWindow
RegisterClassExA
GetClassInfoA
DestroyIcon
LoadCursorA
DefWindowProcA
CallNextHookEx
PostThreadMessageA
DrawTextA
FindWindowA
CreateWindowExA
GetMenuItemCount
ShowCaret
IsWindow
InvalidateRgn
EndDialog

advapi32

GetTokenInformation
FreeSid
CloseServiceHandle
InitializeSecurityDescriptor
RegEnumKeyExA
OpenServiceA
OpenProcessToken
ReportEventA
StartServiceCtrlDispatcherA
SetServiceStatus
CreateServiceA
RegDeleteKeyA
RegOpenKeyA
DeregisterEventSource
RegQueryInfoKeyA
RegSetValueExA
OpenThreadToken
RegCreateKeyA
CopySid
RegQueryValueExA
RegisterServiceCtrlHandlerA
GetLengthSid
RegisterEventSourceA
RegOpenKeyExA
RegCloseKey
ControlService
RegEnumValueA
RegCreateKeyExA
SetSecurityDescriptorDacl
RegDeleteValueA
DeleteService
GetUserNameA
AllocateAndInitializeSid
OpenSCManagerA

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 508KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8f739d5a7a9c4ec84c8e13f6cd55055

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

shell32

user32

advapi32

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 508KB - Virtual size: 504KB

.data Size: 108KB - Virtual size: 133KB

.rsrc Size: 84KB - Virtual size: 83KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 508KB - Virtual size: 504KB

.data
Size: 108KB - Virtual size: 133KB

.rsrc
Size: 84KB - Virtual size: 83KB