4c1a0dfda77874841d55236332426de7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c1a0dfda77874841d55236332426de7_JaffaCakes118
Size

1.5MB
MD5

4c1a0dfda77874841d55236332426de7
SHA1

38ed6861e2f84114ecfb7f4236a530b6bd1bfae8
SHA256

45cee7dba9b52abf80288efcb11f24b64f0ffe0051a0b08ac0bd5393995b64f4
SHA512

f207b490ce0c2c3b9e13ce52a0dccf15df15096e6c78eea086e4119b1b09a646c7bba7f2fee0e7e8c1e9e9c88c4eac326b04aecc4fb4df5233579a4351eba659
SSDEEP

49152:81JpokkJZU/wqDQ+9dv56zYu3KJWBksGgsHr+F:8CjO90z7KJWBkzu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c1a0dfda77874841d55236332426de7_JaffaCakes118

Files

4c1a0dfda77874841d55236332426de7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a94207f72a6994314bb27d07c0a03a96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
GetListBoxInfo
RegisterClassA

shell32

SHGetPathFromIDListW

kernel32

SetStdHandle
SetConsoleOutputCP
GetLocaleInfoW
GetCurrentProcessId
GetConsoleMode
TlsFree
QueryPerformanceCounter
InterlockedIncrement
FreeEnvironmentStringsW
GetStdHandle
IsDebuggerPresent
GetStringTypeA
GetOEMCP
TlsAlloc
CompareStringA
WritePrivateProfileSectionA
WriteConsoleW
GetEnvironmentStringsW
GetProcAddress
GetConsoleScreenBufferInfo
InitializeCriticalSection
lstrcat
CommConfigDialogA
TlsSetValue
GetTickCount
LCMapStringW
GetCurrentProcess
SetFilePointer
GetModuleHandleA
SetHandleCount
SetThreadContext
GetCommandLineA
LCMapStringA
IsValidLocale
InterlockedExchange
EnterCriticalSection
CompareStringW
GetEnvironmentStrings
TlsGetValue
GetModuleFileNameA
GetPriorityClass
GetConsoleCP
ExitProcess
GetFileType
MultiByteToWideChar
CloseHandle
GetTimeFormatA
FreeEnvironmentStringsA
FreeLibrary
VirtualAlloc
GetTimeZoneInformation
HeapDestroy
HeapAlloc
CreateFileA
IsValidCodePage
InterlockedDecrement
HeapReAlloc
WriteConsoleA
GetCurrentThread
GetProcessHeap
CreateProcessW
GetUserDefaultLCID
TerminateProcess
GetACP
SetLastError
GlobalUnfix
DebugActiveProcess
EnumDateFormatsExA
GetLocaleInfoA
HeapCreate
SuspendThread
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
CreateMutexA
WriteFile
SetEnvironmentVariableA
lstrcpynW
EnumSystemLocalesA
VirtualQuery
GetCPInfo
HeapSize
GetVersionExA
HeapFree
GetSystemTimeAsFileTime
UnhandledExceptionFilter
LoadLibraryA
WideCharToMultiByte
SetThreadAffinityMask
GetCurrencyFormatA
GetDateFormatA
GetCurrentThreadId
EnumResourceLanguagesA
GetStartupInfoA
GetConsoleOutputCP
ReadFile
OpenMutexA
SetConsoleCtrlHandler
Sleep
RtlUnwind
FlushFileBuffers
GetStringTypeW
VirtualFree
GetLastError

advapi32

RevertToSelf
RegDeleteKeyA
RegQueryValueW
RegOpenKeyExA
RegSaveKeyA
RegQueryValueExW
CryptEnumProviderTypesA
GetUserNameW
LookupPrivilegeDisplayNameA
RegCreateKeyExA
CreateServiceA
InitializeSecurityDescriptor
RegEnumKeyExA
RegDeleteValueA
AbortSystemShutdownA

comctl32

ImageList_Merge
ImageList_GetIcon
ImageList_Write
MakeDragList
ImageList_DragMove
ImageList_GetIconSize
ImageList_AddIcon
DestroyPropertySheetPage
ImageList_SetFilter
ImageList_GetDragImage
ImageList_GetBkColor
ImageList_Replace
ImageList_DrawIndirect
CreateStatusWindowA
CreateMappedBitmap
ImageList_Create
CreateStatusWindow
InitCommonControlsEx
ImageList_GetImageRect
GetEffectiveClientRect
_TrackMouseEvent

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a94207f72a6994314bb27d07c0a03a96

Headers

File Characteristics

Imports

user32

shell32

kernel32

advapi32

comctl32

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 240KB - Virtual size: 256KB

.data Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 240KB - Virtual size: 256KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 15KB - Virtual size: 15KB