4d454be87ea7f87fc431e3d64832a51e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d454be87ea7f87fc431e3d64832a51e_JaffaCakes118
Size

139KB
MD5

4d454be87ea7f87fc431e3d64832a51e
SHA1

c7fbcd5cd4e55af2128a9bdeb481b04001d3ee65
SHA256

86d37620168c1f22487e181cf8eb372b4ca15fbd6a577e694b309e72040ddffb
SHA512

90f1d88a24f8122df971d33301ef26f280d66972adfb65c37fd4e4ed75abc23b6abb869a36e22821b30824ca72c021eb57d434509f55fa941eeca6d0cbaf241c
SSDEEP

3072:d90mMdvx83OFzOKwbSQQtARgxBNLdnyWBmv7aRXOt4pb/GXMPQrD:dS/pmOFz8jQquBNLdnR4SOt4xekQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d454be87ea7f87fc431e3d64832a51e_JaffaCakes118

Files

4d454be87ea7f87fc431e3d64832a51e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2f53bd941c09381f178ea85bef182174

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
memset

shlwapi

PathIsContentTypeA
StrFormatKBSizeW
SHRegCloseUSKey
ord157
StrCmpNIA

shell32

ord191
ord80

kernel32

LoadLibraryA
lstrcmpiW
GetModuleHandleA
lstrcpyA
HeapAlloc
ClearCommError
GetCurrentProcess
SetFilePointerEx
SetHandleInformation
FindFirstFileExW
GetProcAddress
SetFileTime
lstrcpynW
TerminateProcess
GetMailslotInfo
GetLastError
BackupRead
BackupWrite
FindClose
MoveFileA
GetProfileStringA
WaitForMultipleObjects
EnumResourceNamesA
DuplicateHandle
ResetWriteWatch
GetTimeZoneInformation
GetNamedPipeInfo
EnumResourceTypesA
lstrlenA
GetTempFileNameW
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
FileTimeToDosDateTime
BackupSeek

user32

EnumPropsExA
TranslateAcceleratorW
EnumPropsW
EndPaint
IsWindowVisible
CreateDialogParamW
GetKeyboardState
CharLowerW
CharPrevA
DlgDirSelectExA
LoadImageW
PostMessageW
SetMenuItemBitmaps
GetWindowInfo
BeginPaint
wsprintfW
SetPropW
TranslateMessage
LoadAcceleratorsW
GetWindowTextA
PeekMessageW
SetScrollPos
ReleaseDC
LoadCursorFromFileW
ScrollWindow
GetWindowRgn
ValidateRgn
SetMenuItemInfoW
GetPropW
GetDC
GetDesktopWindow
DispatchMessageW
SendMessageW

gdi32

UpdateColors
SetTextCharacterExtra
OffsetClipRgn
AngleArc
SetBkColor
GetGlyphIndicesW
GetTextExtentExPointW
FillRgn
GetCharABCWidthsA
SetWindowExtEx
DescribePixelFormat
DeleteDC
SetDIBitsToDevice
CreateCompatibleDC
CreateCompatibleBitmap
LineTo
GetBitmapBits

advapi32

InitializeSid
PrivilegedServiceAuditAlarmA
GetSidSubAuthority
GetSidLengthRequired
EqualSid

Exports

Exports

_XCopy_ExtAddText@12
_XCreate_ExtClearImg@12
_XSet_ExtClearData@12
_XUpdate_ExtMoveInfo@12

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IMPORT
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zero
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.const
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f53bd941c09381f178ea85bef182174

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.code Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 188B

.vars Size: 1024B - Virtual size: 624B

IMPORT Size: 512B - Virtual size: 128B

.zero Size: 4KB - Virtual size: 3KB

.const Size: 512B - Virtual size: 44B

.rsrc Size: 117KB - Virtual size: 116KB

.reloc Size: 1024B - Virtual size: 808B

.text
Size: 6KB - Virtual size: 5KB

.code
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 188B

.vars
Size: 1024B - Virtual size: 624B

IMPORT
Size: 512B - Virtual size: 128B

.zero
Size: 4KB - Virtual size: 3KB

.const
Size: 512B - Virtual size: 44B

.rsrc
Size: 117KB - Virtual size: 116KB

.reloc
Size: 1024B - Virtual size: 808B