4d8e60da5cb0fbd55ae4334b1776c62d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d8e60da5cb0fbd55ae4334b1776c62d_JaffaCakes118
Size

748KB
MD5

4d8e60da5cb0fbd55ae4334b1776c62d
SHA1

434c7953ca78c026186f4e460cd1cde22ff7719b
SHA256

d37dd006f6c4d2a60a143e20ab80047b9823009e87b007f31dfa4c71b2ee6a42
SHA512

560cb8382c026e3b46994b952c8be575ceec7eca65ae0ca2fcedc3d01f07c3a61312d66cb200e1f48c2b20cd1b5d5057f48c200f3d2efde8bfab342daaefd091
SSDEEP

12288:Zd2XV1CmxhpxDiUdKMY8RmzUYJDlsWHfZvUjlNGqiIkIpJ0CvtWEVJK3+9:T8V1Cmx/xfYSMUsDlsWHfCNzBkZotJ0Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d8e60da5cb0fbd55ae4334b1776c62d_JaffaCakes118

Files

4d8e60da5cb0fbd55ae4334b1776c62d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9973a22b4aa5869a94772165fa84917e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetSystemTimeAsFileTime
SetLastError
GetUserDefaultLCID
TlsAlloc
SetEnvironmentVariableA
GetProcAddress
GetTimeZoneInformation
SetHandleCount
GetProcessHeap
CloseHandle
InterlockedDecrement
InitializeCriticalSection
GetCPInfo
FreeEnvironmentStringsA
FreeLibrary
GetModuleFileNameA
SetFilePointer
GetCurrentThread
CreateDirectoryExA
GetStringTypeW
HeapReAlloc
GetEnvironmentStringsW
HeapValidate
EnterCriticalSection
VirtualQuery
GetModuleHandleA
VirtualFree
VirtualAlloc
GetCurrentProcess
GetTickCount
WriteConsoleA
IsValidCodePage
TlsFree
CompareStringW
HeapCreate
GetConsoleMode
GetTimeFormatA
HeapAlloc
UnhandledExceptionFilter
GetEnvironmentStrings
RtlUnwind
HeapDestroy
LCMapStringW
MultiByteToWideChar
GetLocaleInfoA
ExitProcess
GetVersionExA
LoadLibraryA
GetFileType
lstrcatA
EnumSystemLocalesA
CreateFileA
GetACP
TerminateProcess
GetConsoleCP
HeapFree
WideCharToMultiByte
InterlockedExchange
LCMapStringA
Sleep
SetConsoleCtrlHandler
OpenMutexA
GetSystemInfo
ReadFile
CompareStringA
GetDateFormatA
WriteConsoleW
TlsGetValue
GetStartupInfoA
WriteFile
SetStdHandle
GetOEMCP
CreateMutexA
GetStdHandle
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetCommandLineA
FlushFileBuffers
GetCurrentProcessId
HeapSize
TlsSetValue
IsValidLocale
GetConsoleOutputCP
FreeEnvironmentStringsW
LeaveCriticalSection
GetLocaleInfoW
GetPrivateProfileStructA
GetStringTypeA
InterlockedIncrement
GetLastError
IsDebuggerPresent
DeleteCriticalSection

comctl32

ImageList_SetImageCount
CreatePropertySheetPageA
ImageList_Copy
ImageList_Merge
InitCommonControlsEx
ImageList_Destroy
DrawStatusTextW
ImageList_GetImageRect
GetEffectiveClientRect
ImageList_ReplaceIcon
DrawStatusTextA

user32

DispatchMessageA
CreateWindowExA
SetCapture
WINNLSGetEnableStatus
ShowWindowAsync
CreateAcceleratorTableA
ShowWindow
SetCursor
MessageBoxA
FindWindowExA
RegisterClassExA
RegisterClassA
LoadAcceleratorsA
DdeInitializeW
CreateMenu
GetMenuStringW
VkKeyScanExA
EnableScrollBar
LockWindowUpdate
IsDialogMessage
EnumDisplaySettingsW
DestroyWindow
DefWindowProcW
CharNextW

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9973a22b4aa5869a94772165fa84917e

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 448KB - Virtual size: 447KB

.data Size: 144KB - Virtual size: 154KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 448KB - Virtual size: 447KB

.data
Size: 144KB - Virtual size: 154KB

.rsrc
Size: 48KB - Virtual size: 45KB