4d612771ea3289d866b4e181b6c475ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d612771ea3289d866b4e181b6c475ec_JaffaCakes118
Size

237KB
MD5

4d612771ea3289d866b4e181b6c475ec
SHA1

5ad5c6b8f538494839016860a22ddf61f3760399
SHA256

4ee99b504e0eecb2b3c3e1dc4a4d783790fff471c4c520bb412e5cf2b95ae646
SHA512

5f289b0ceec6e1be51c746adaf9e9e02218d9616171afe78519ac467703f3832a0312723ef8cbe3f79602b870c37a543d6e0a7e1b0990d0d6d20dfb1e4df59f9
SSDEEP

6144:W8SauhnbEtvHPlZKbFXyUoYSKNBZMeR9xXQMnrJrMqHwv:fSlhbEvvlZKYUoYSKXZTjn1hH0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d612771ea3289d866b4e181b6c475ec_JaffaCakes118

Files

4d612771ea3289d866b4e181b6c475ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dccf2d7a749deef50f1812767ad5da2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
HeapDestroy
WaitForMultipleObjects
CompareStringW
GetStringTypeW
FreeEnvironmentStringsW
HeapAlloc
LoadLibraryA
VirtualFree
SetLastError
DeleteCriticalSection
GetMailslotInfo
FreeEnvironmentStringsA
GetEnvironmentStringsW
TlsSetValue
UnhandledExceptionFilter
GetDateFormatA
GetUserDefaultLCID
GetVersionExA
EnterCriticalSection
TlsFree
GetLocaleInfoW
HeapCreate
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
WriteFile
GetTimeZoneInformation
GetProcAddress
GetACP
GetTimeFormatA
HeapFree
CompareStringA
GetLocaleInfoA
CreateDirectoryExW
IsDebuggerPresent
VirtualQuery
SetHandleCount
IsValidCodePage
Sleep
GetEnvironmentStrings
IsValidLocale
WideCharToMultiByte
GetStringTypeA
HeapReAlloc
SetEnvironmentVariableA
ExitProcess
FreeLibrary
EnumSystemLocalesA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
LeaveCriticalSection
GetModuleHandleA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsAlloc
HeapSize
GetLastError
GetStartupInfoW
GetCurrentProcessId
GetModuleFileNameA
MultiByteToWideChar
GetFileType
SetVolumeLabelA
GetTickCount
InitializeCriticalSection
GetCommandLineW
GetProcessHeap
TlsGetValue
SetUnhandledExceptionFilter
RtlUnwind
GetOEMCP
GetSystemTimeAsFileTime
InterlockedExchange
SetConsoleCtrlHandler
GetCommandLineA
GetCPInfo
GetStdHandle

shell32

SHFormatDrive
RealShellExecuteExW
DragQueryFileW
DragQueryFileAorW
SHGetSpecialFolderPathA
DragQueryFileA
SHLoadInProc
SHEmptyRecycleBinW
RealShellExecuteW

comdlg32

PrintDlgA
GetFileTitleA
PageSetupDlgW
GetOpenFileNameW
FindTextW
PageSetupDlgA
GetSaveFileNameW
ChooseColorA
ChooseFontA
GetSaveFileNameA
PrintDlgW
FindTextA
ChooseColorW
ReplaceTextW
ChooseFontW
GetFileTitleW

user32

DdeUnaccessData
CreateDialogIndirectParamA
GetDlgItemTextA
IsCharAlphaNumericW
DdeSetQualityOfService
GetSysColor
CallMsgFilterW
InSendMessage
ScrollWindowEx
FillRect
DefFrameProcA
GetWindowModuleFileNameW
CreateMenu
CopyRect
GetClassInfoExA
EndDeferWindowPos
GetUpdateRect
PostMessageW

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dccf2d7a749deef50f1812767ad5da2f

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

user32

Sections

.text Size: 119KB - Virtual size: 118KB

.data Size: 113KB - Virtual size: 127KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 119KB - Virtual size: 118KB

.data
Size: 113KB - Virtual size: 127KB

.rsrc
Size: 4KB - Virtual size: 4KB