4c0276f1a6cc40cd5f95b923c53d2ce0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4c0276f1a6cc40cd5f95b923c53d2ce0_JaffaCakes118
Size

724KB
MD5

4c0276f1a6cc40cd5f95b923c53d2ce0
SHA1

7f1bfde48567202e007c97aff82bfc68d478d260
SHA256

acd70782d5d82a2c61998be7b1292a71160e9ed7d7d754e23f1d852a41b1a25d
SHA512

d8cb0958cf41fe585b6b88b4799a5ff89f1df7e18796d5396f0f3e3c3e43610d3871aeb4a4fc77554e6ec4a599c547b8c441bba83bba34de5572013be570dd3d
SSDEEP

12288:r/AeMz9qHZWjW8qD1LUi8ko1/MlU1lZX7TXgUSE3MKXLAnt17p+6aJtUaD5h:DHCw5Z8QZQyMLTQUSEcKbAn3FqtUa9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c0276f1a6cc40cd5f95b923c53d2ce0_JaffaCakes118

Files

4c0276f1a6cc40cd5f95b923c53d2ce0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e3c199b9008da24ef61269fbccf0c1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupSecurityDescriptorPartsA
CryptContextAddRef
CryptVerifySignatureA
RegQueryValueW
InitiateSystemShutdownW
RegReplaceKeyW
CreateServiceW
RegOpenKeyExA
RegRestoreKeyW
LogonUserW
RegEnumKeyA
CryptGenRandom
RegQueryInfoKeyW
RegLoadKeyW
RegConnectRegistryW
CryptDuplicateKey
CryptDuplicateHash
StartServiceW
RegReplaceKeyA
CryptSignHashA
CryptDeriveKey
CryptImportKey
RegQueryInfoKeyA
RegSetValueA
LookupAccountNameW

user32

LoadCursorA
GetListBoxInfo
OemToCharA
RegisterClassExA
ShowWindow
RegisterDeviceNotificationA
GetMenuItemInfoA
OemToCharW
RegisterClassA
CharUpperBuffA
SendDlgItemMessageA
BeginPaint
MessageBoxA
VkKeyScanA
DefWindowProcW
MapVirtualKeyExW
CreateWindowStationW
ShowScrollBar
EmptyClipboard
MonitorFromPoint
CountClipboardFormats
OpenClipboard
ScrollDC
DdeConnectList
GetAltTabInfo
RegisterDeviceNotificationW
GetWindowPlacement
LoadMenuIndirectA
SetUserObjectInformationW
WINNLSEnableIME
SetMenuContextHelpId
LookupIconIdFromDirectory
GetWindowModuleFileNameA
GetWindowModuleFileNameW
IsWindowUnicode
GetScrollInfo
CreateWindowExA
GetActiveWindow
EnumDesktopsW
DestroyWindow
DdeQueryStringW
SetMenuItemBitmaps
GetMenuDefaultItem
GetTabbedTextExtentW
CharToOemBuffW
DlgDirListA
LoadMenuW

comctl32

ImageList_Duplicate
InitCommonControlsEx
GetEffectiveClientRect
CreatePropertySheetPageA
CreateMappedBitmap
ImageList_GetIconSize

wininet

FtpOpenFileW

kernel32

DeleteCriticalSection
VirtualFree
VirtualAlloc
lstrcmpiW
HeapCreate
GetCommandLineA
LocalShrink
GlobalLock
GetDateFormatA
ExitProcess
GetSystemInfo
FreeEnvironmentStringsA
SetLastError
GetEnvironmentStringsW
SetCriticalSectionSpinCount
OpenSemaphoreW
LeaveCriticalSection
GetTempFileNameA
SetConsoleCP
IsBadWritePtr
OpenFileMappingW
SetStdHandle
MultiByteToWideChar
FlushInstructionCache
TransactNamedPipe
HeapAlloc
GetComputerNameW
GetModuleFileNameW
TlsAlloc
GetCurrentThreadId
GetCurrentProcess
IsValidLocale
FlushFileBuffers
SetFileTime
WideCharToMultiByte
GetDiskFreeSpaceW
DebugBreak
GetTimeZoneInformation
GetCurrencyFormatW
OpenMutexA
FormatMessageA
lstrcmpi
LCMapStringA
InitializeCriticalSection
GlobalFlags
QueryPerformanceCounter
GetModuleHandleA
GetLastError
FileTimeToLocalFileTime
HeapReAlloc
OpenProcess
EnumSystemLocalesA
GetProcAddress
VirtualQuery
CreateFileMappingW
GetWindowsDirectoryW
GlobalHandle
ExitThread
CommConfigDialogA
CreateToolhelp32Snapshot
GetACP
LocalUnlock
UnhandledExceptionFilter
GetStringTypeW
GetLocalTime
GetOEMCP
GetLocaleInfoW
GetVersionExA
GetConsoleCursorInfo
EnumResourceLanguagesA
GetUserDefaultLCID
lstrcmp
HeapSize
GetModuleFileNameA
GetStdHandle
ReadConsoleOutputCharacterA
GetConsoleOutputCP
GetCPInfo
GetLocaleInfoA
SetThreadPriority
GetTickCount
SetFilePointer
CreateFileMappingA
LoadLibraryExA
FindAtomW
GetEnvironmentStrings
lstrlenA
CreateMutexA
SetHandleCount
GetStartupInfoA
FindFirstFileA
GetDiskFreeSpaceExW
GetStringTypeA
SetEnvironmentVariableA
GetTempPathW
LCMapStringW
LoadLibraryA
EnumSystemLocalesW
GetSystemTimeAsFileTime
CompareStringW
GetTimeFormatA
UnlockFileEx
GetFileType
VirtualProtect
SystemTimeToTzSpecificLocalTime
TlsGetValue
GetCurrentThread
IsValidCodePage
TerminateProcess
LocalFree
RtlUnwind
FreeEnvironmentStringsW
LoadModule
TryEnterCriticalSection
ReadConsoleW
GetCurrentProcessId
FindFirstFileExW
CompareStringA
InterlockedExchange
CompareFileTime
HeapFree
lstrcpynA
GetFullPathNameA
GetNamedPipeHandleStateW
EnumCalendarInfoA
WriteFile
TlsFree
ResumeThread
DuplicateHandle
ReadFile
TlsSetValue
GetDateFormatW
GetDriveTypeW
MapViewOfFile
EnterCriticalSection
HeapDestroy
CloseHandle

gdi32

CreateEllipticRgn
GetROP2
GetObjectA
ModifyWorldTransform
CombineRgn
CreateDCW
RealizePalette
GetOutlineTextMetricsA
GetMetaRgn
SetColorAdjustment
GetCharWidth32W
GetDeviceCaps
EndPath
EnumICMProfilesA
EqualRgn
DeviceCapabilitiesExW
DeleteDC
CreateScalableFontResourceW
SetICMMode
Arc
SetGraphicsMode
DeleteObject
GetCharacterPlacementA
SetBkColor
SetBkMode
ChoosePixelFormat
MoveToEx
SetAbortProc

shell32

SHBrowseForFolderA
SHAppBarMessage
ExtractIconEx
SHGetSpecialFolderPathW

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 464KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e3c199b9008da24ef61269fbccf0c1c

Headers

File Characteristics

Imports

advapi32

user32

comctl32

wininet

kernel32

gdi32

shell32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 464KB - Virtual size: 462KB

.data Size: 132KB - Virtual size: 141KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 464KB - Virtual size: 462KB

.data
Size: 132KB - Virtual size: 141KB

.rsrc
Size: 28KB - Virtual size: 24KB