4d1f3e8acd1841065d18777a880cec17_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d1f3e8acd1841065d18777a880cec17_JaffaCakes118
Size

472KB
MD5

4d1f3e8acd1841065d18777a880cec17
SHA1

256a319e91a72ccce3bfae19179b060e66a13184
SHA256

6d0cdcabc235be2cd8a331af70beae67d235617f641ebd07a355537a72a246e6
SHA512

1ae3a083fc13dfe69122c8878469990f153769d32a0c0edf5602bedde6c68b02abc444b90b1a98ef2dc4f5021ecb8d1e8b41c9e700629761d00c0f5ad23bdedb
SSDEEP

6144:uM7K+uT8+BLb98Ox71v1nULrXFoprioNcPx2mp7qmMIbTf2QudDtaAVaswii+2:ukKo+BLbm+vB+rpPxRjfCqA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1f3e8acd1841065d18777a880cec17_JaffaCakes118

Files

4d1f3e8acd1841065d18777a880cec17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44c4074e7f21739dd0d42b87214d3969

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\zdamfmoe\eeponnawuc\dgyw\sl

Imports

user32

GetSysColor
TrackPopupMenu
CopyAcceleratorTableW
GetPropA
CharToOemW
GetClipboardOwner
CharToOemBuffA
CreateWindowExW
GetMenuItemID
MessageBoxW
GetDesktopWindow
IsCharLowerA
SetDebugErrorLevel
EnumWindowStationsW
UnloadKeyboardLayout
CreateDialogParamA
ShowScrollBar
GetMenuInfo
RegisterClassExA
SetProcessWindowStation
DdeSetQualityOfService
DefFrameProcW
InvalidateRgn
ShowWindow
RegisterClassA

kernel32

GetTimeZoneInformation
SetLastError
GetCommandLineA
HeapCreate
HeapFree
InitializeCriticalSection
WriteFile
WritePrivateProfileSectionW
GetCurrentProcess
GetVersion
GetStringTypeA
VirtualAlloc
RtlUnwind
CompareStringA
TerminateProcess
HeapSize
LCMapStringW
EnumSystemLocalesA
CloseHandle
GetStringTypeW
GetLocalTime
GetWindowsDirectoryW
TlsAlloc
SetFilePointer
TlsSetValue
ConnectNamedPipe
ReadFile
InterlockedIncrement
FlushFileBuffers
FreeEnvironmentStringsA
GetTickCount
EnterCriticalSection
TransmitCommChar
GetSystemTimeAsFileTime
CompareStringW
ReadConsoleW
LCMapStringA
HeapReAlloc
GetModuleHandleA
HeapDestroy
FreeEnvironmentStringsW
SetHandleCount
ContinueDebugEvent
SetEnvironmentVariableA
GetDateFormatW
HeapAlloc
GetStdHandle
SetStdHandle
GetEnvironmentStringsW
VirtualQuery
GetEnvironmentStrings
LoadLibraryA
GetCurrentThreadId
QueryPerformanceCounter
TlsGetValue
LeaveCriticalSection
SetConsoleOutputCP
SetEndOfFile
CreateMutexA
MultiByteToWideChar
GetSystemTime
DeleteCriticalSection
GetACP
SetConsoleCtrlHandler
WriteConsoleOutputW
RemoveDirectoryA
GetLastError
GetCurrentProcessId
VirtualFree
UnhandledExceptionFilter
GetCPInfo
OpenMutexA
GlobalUnfix
GetModuleFileNameA
WideCharToMultiByte
WriteConsoleW
IsBadWritePtr
ReadFileEx
GetFileType
GetProcAddress
GetStartupInfoA
GetCurrentThread
InterlockedDecrement
GetOEMCP
GetConsoleMode
ExitProcess
IsValidCodePage
InterlockedExchange
GetLongPathNameW
CreateSemaphoreW
TlsFree
lstrcpyA

comctl32

InitCommonControlsEx

Sections

.text
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44c4074e7f21739dd0d42b87214d3969

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 317KB - Virtual size: 317KB

.rdata Size: 34KB - Virtual size: 45KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 317KB - Virtual size: 317KB

.rdata
Size: 34KB - Virtual size: 45KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 7KB - Virtual size: 6KB