4c678612dc74f45d6c18161f70da28cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c678612dc74f45d6c18161f70da28cb_JaffaCakes118
Size

524KB
MD5

4c678612dc74f45d6c18161f70da28cb
SHA1

32784932d64791c09e14cce65c4f372b258b83bd
SHA256

1adf2cda6c22bbd49fe633cf31912c664061475fa4bc480ffb98458b860cbb1b
SHA512

95760598baaec1dab64aa5b98e487307246c667dc0fa0bf63c434de0e0ac67c7e0007bdfae2d6e45eb1276085adccedf65085e4a2f48e5809803409a9cca43f6
SSDEEP

12288:laJM51KDap58QwzXIFZOMEghN+B69gQzgb:laJM58WpuDIFZDzE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c678612dc74f45d6c18161f70da28cb_JaffaCakes118

Files

4c678612dc74f45d6c18161f70da28cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a3e47cf7143a85e46fb13e280b03d15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Duplicate
ImageList_GetImageCount
DrawStatusText
ImageList_SetOverlayImage
GetEffectiveClientRect
ImageList_EndDrag
InitCommonControlsEx
ImageList_DrawIndirect

wininet

InternetAlgIdToStringA
IsHostInProxyBypassList
GetUrlCacheHeaderData
LoadUrlCacheContent

kernel32

HeapDestroy
FreeEnvironmentStringsW
VirtualQuery
CloseHandle
TlsAlloc
HeapAlloc
GetTickCount
FlushFileBuffers
IsBadWritePtr
GetACP
InterlockedIncrement
TlsFree
EnterCriticalSection
GetCommandLineA
GetSystemTime
GetFileType
GetStringTypeW
WideCharToMultiByte
GetCurrentThreadId
LCMapStringA
ReadFile
SetLastError
GetStringTypeA
LCMapStringW
CompareStringA
ExitProcess
SetHandleCount
OpenMutexA
DeleteCriticalSection
GetStartupInfoA
LoadLibraryA
GetModuleHandleA
HeapFree
GetLocalTime
GetModuleFileNameA
UnhandledExceptionFilter
GetEnvironmentVariableW
GetCPInfo
SetEnvironmentVariableA
TerminateProcess
HeapCreate
CompareStringW
WriteFile
GetCurrentProcessId
TlsGetValue
GetStdHandle
GetSystemTimeAsFileTime
SetFilePointer
GetTimeZoneInformation
CreateMutexA
FreeEnvironmentStringsA
VirtualFree
GetProcAddress
SetStdHandle
GetCurrentThread
InterlockedExchange
QueryPerformanceCounter
RtlUnwind
GetLastError
TlsSetValue
InitializeCriticalSection
GetCurrentProcess
HeapReAlloc
GetOEMCP
LeaveCriticalSection
GetEnvironmentStringsW
GetEnvironmentStrings
GetVersion
VirtualAlloc
MultiByteToWideChar
InterlockedDecrement

user32

CharLowerA
DrawTextA
SetWindowTextW
DdeAbandonTransaction
SetCaretPos
RegisterClassExA
TrackPopupMenuEx
RegisterClassA
MessageBoxW
CreateWindowExA
EndPaint
GetCaretPos
ModifyMenuA
DdeDisconnectList
ShowWindow
GetClassLongA
DestroyWindow
PostMessageW
DefWindowProcW
DrawCaption
LoadKeyboardLayoutW
DefDlgProcA
GetUpdateRgn
EnableScrollBar
DdeNameService
LoadStringW
CreateDialogIndirectParamW
CallMsgFilterW
EndMenu

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a3e47cf7143a85e46fb13e280b03d15

Headers

File Characteristics

Imports

comctl32

wininet

kernel32

user32

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 240KB - Virtual size: 244KB

.data Size: 124KB - Virtual size: 123KB

.rsrc Size: 43KB - Virtual size: 42KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 240KB - Virtual size: 244KB

.data
Size: 124KB - Virtual size: 123KB

.rsrc
Size: 43KB - Virtual size: 42KB