4c3045b6190174a8d3e3c8977768456f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4c3045b6190174a8d3e3c8977768456f_JaffaCakes118
Size

364KB
MD5

4c3045b6190174a8d3e3c8977768456f
SHA1

31750060f7718bcb5ecf7e27b922c09e79fb8e80
SHA256

25b9230992962b7c429fcdc9b35c50c6eeec2ad96aae0924321162b3f652bc15
SHA512

ead2b0b1143a6524bc46f3ab7fe1a41b1fe6ad28a34fea5a6655d8766c941f41defa1a43cb1fd6336b00c237c15a55ffdd96d8727a92db494438ef5a29db1795
SSDEEP

6144:Wj95I0VL7BJ6nO1UYQGAi4LXX2UoTa0UEYkTBf7R7s2KMy9dUwu1DhBvJ8Z4g7pX:WjTIAXBOO1seGnIu0UEY+BN7s2KMyreO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c3045b6190174a8d3e3c8977768456f_JaffaCakes118

Files

4c3045b6190174a8d3e3c8977768456f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12d2a250ee823ba934febffb8f5bb1b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\khodp\cveate\jeseeceo\wsoue\omacnb\vmsaakem.PDB

Imports

kernel32

GetCurrentProcess
GetUserDefaultLCID
EnumResourceLanguagesW
HeapReAlloc
GetProcessHeap
GetCurrentProcessId
SetEnvironmentVariableA
WideCharToMultiByte
GetAtomNameA
GetFullPathNameW
FillConsoleOutputCharacterA
GetCPInfo
GetDiskFreeSpaceExA
GetModuleHandleA
GetLastError
GetACP
SetConsoleOutputCP
GetStringTypeExA
TlsGetValue
GetTimeZoneInformation
SetLastError
IsBadWritePtr
GetModuleFileNameA
TlsSetValue
EnumSystemLocalesA
GetOEMCP
GetProcAddress
OpenFile
CloseHandle
GetCurrentThread
WriteFile
SetCurrentDirectoryA
LCMapStringA
CreateDirectoryW
GetEnvironmentStringsW
LeaveCriticalSection
ReadFile
GetSystemInfo
FreeEnvironmentStringsW
VirtualQuery
FlushFileBuffers
GetSystemTimeAsFileTime
LocalCompact
SetStdHandle
CompareStringA
CreateEventW
TlsFree
VirtualProtect
RtlUnwind
CompareStringW
DeleteCriticalSection
TerminateProcess
InterlockedExchangeAdd
GetEnvironmentStringsA
GetStartupInfoA
MultiByteToWideChar
GetStringTypeW
InterlockedExchange
WriteConsoleOutputCharacterW
CopyFileA
VirtualFree
HeapDestroy
CreateProcessA
HeapCreate
VirtualAlloc
GetModuleFileNameW
GetCommandLineW
HeapAlloc
CreateFileW
GetStartupInfoW
LCMapStringW
GetCurrentThreadId
GetLocaleInfoW
HeapSize
GetComputerNameW
GetDateFormatA
RtlFillMemory
UnhandledExceptionFilter
HeapFree
SetHandleCount
IsValidCodePage
GetEnvironmentStrings
GetStdHandle
SetLocalTime
WriteProfileStringA
ExitProcess
InitializeCriticalSection
GetTimeFormatA
IsValidLocale
CreateMutexA
TlsAlloc
GetLocaleInfoA
LoadLibraryA
GetFileAttributesA
ReleaseSemaphore
GetModuleHandleW
GetFileType
FreeEnvironmentStringsA
GetVersionExA
GetCommandLineA
GetStringTypeA
RemoveDirectoryA
SetFilePointer
SetThreadIdealProcessor
EnterCriticalSection
GetTickCount
QueryPerformanceCounter
OpenMutexA

advapi32

RegSaveKeyA
CryptSignHashW
StartServiceA
CryptEnumProviderTypesA
ReportEventA
RegOpenKeyExA
CryptVerifySignatureW
RegQueryValueExW
CryptDuplicateKey

comctl32

ImageList_Write
ImageList_Destroy
DestroyPropertySheetPage
ImageList_Read
ImageList_SetImageCount
GetEffectiveClientRect
ImageList_LoadImageW
InitCommonControlsEx
ImageList_DrawEx
ImageList_Replace
ImageList_GetDragImage
ImageList_SetDragCursorImage
ImageList_DragLeave
CreateUpDownControl

gdi32

GetCharABCWidthsFloatA
EndPath
PtVisible
GetRgnBox
SetEnhMetaFileBits
SetMiterLimit
GetCharABCWidthsFloatW
GetRegionData

shell32

SHFileOperationW
SHAppBarMessage

user32

LoadBitmapW
ToAscii
GetCursorInfo
SetCaretBlinkTime
DdeReconnect
EnumDisplayMonitors
GetWindowInfo
RegisterClassExA
LoadCursorFromFileW
CreateDialogIndirectParamA
UnhookWindowsHookEx
RegisterClassA
InvalidateRect
DrawStateW
ChangeDisplaySettingsW
SetProcessWindowStation
EnumPropsExA
TileChildWindows
PeekMessageW
CreateDialogParamA
GetListBoxInfo
GetMenuState
GetWindowTextW
SetWindowLongA
LoadKeyboardLayoutA

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12d2a250ee823ba934febffb8f5bb1b5

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

comctl32

gdi32

shell32

user32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 92KB - Virtual size: 113KB

.rsrc Size: 52KB - Virtual size: 49KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 92KB - Virtual size: 113KB

.rsrc
Size: 52KB - Virtual size: 49KB