4cc4e6848b97f09e682c7eb5ce1a6142_JaffaCakes118

General

Target

4cc4e6848b97f09e682c7eb5ce1a6142_JaffaCakes118
Size

152KB
MD5

4cc4e6848b97f09e682c7eb5ce1a6142
SHA1

2281d14ea8e489c074f463e50a80bb4dfb1d6ba0
SHA256

06a1abb3831fefaa6fac237b2671bcfee9e5d781187fbf1f29b75a0dfbb9a5e4
SHA512

cbbe6397fdcb07db2ecd1cb65a32548c9c31c0136a1cf2ba6ef1260bf4bcf61a6cf68f4677b40e000a2df5fc284d74e10925d33846b3c595a3a1f0e40aaf2a81
SSDEEP

3072:ukXloubt4lonaoCQMl/OuJdV9IaAAdKCrUp8fV:TlOS8dV8tCfV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cc4e6848b97f09e682c7eb5ce1a6142_JaffaCakes118

Files

4cc4e6848b97f09e682c7eb5ce1a6142_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b192ff857fe355082b0a745b121b836

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
GetThreadLocale
GetStdHandle
GetPrivateProfileStringA
DuplicateHandle
GetFileTime
GetSystemDirectoryA
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
SetStdHandle
WideCharToMultiByte
LocalFileTimeToFileTime
lstrcmpiA

user32

GetMenuStringA
IntersectRect
SetScrollRange
UnhookWindowsHookEx
SetPropA
WindowFromPoint
GetSysColor
DrawIconEx
GetMenuState
GetWindowTextA
EnumWindows

msvcrt

log10
rename
_initterm
_adjust_fdiv
wcscmp
__setusermatherr
_acmdln
_mbsicmp
_XcptFilter
__p__fmode
_except_handler3
ctime
__getmainargs
__set_app_type
wcscspn
fputc
__p__commode
_fileno
fflush
_errno
exit

shell32

SHBrowseForFolderA
SHGetFileInfo
ShellExecuteExW
SHBindToParent
SHGetFolderPathA
SHAppBarMessage
FindExecutableW
SHGetSpecialFolderPathW
SHFileOperationA
DragQueryFileW

ole32

IIDFromString
OleInitialize
CLSIDFromProgID
StringFromIID
OleGetClipboard
CoUninitialize
OleUninitialize

comctl32

ImageList_DrawEx
PropertySheetW
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_LoadImageW

advapi32

RegCloseKey
RegEnumKeyW
OpenServiceA
OpenProcessToken

oleaut32

SysAllocStringByteLen
SafeArrayRedim
SafeArrayGetElement
VariantInit
SysStringByteLen
SafeArrayCreate

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b192ff857fe355082b0a745b121b836

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

ole32

comctl32

advapi32

oleaut32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 140KB - Virtual size: 139KB

.data Size: 6KB - Virtual size: 6KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 140KB - Virtual size: 139KB

.data
Size: 6KB - Virtual size: 6KB