Static task: static1
Behavioral task: behavioral1
  Sample: 4dbe97d13c06cbf506e0f0b8c66546f7_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 4dbe97d13c06cbf506e0f0b8c66546f7_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 4dbe97d13c06cbf506e0f0b8c66546f7_JaffaCakes118
Size: 615KB
MD5: 4dbe97d13c06cbf506e0f0b8c66546f7
SHA1: cd477941e7680ad5d7a20444a0158a40a421d846
SHA256: 24fd18a2089a8754e7a00f5fca841bcf2182da1058a4cbe7b635f38c5e103e02
SHA512: a0ca366cde8b61ae43565f11b7675705addfdfb122167ef2c2f2282f533301a85433bf37254c95cbeec1321c660e3e13924d4e20f1ee362edf8d323fb0a3ca67
SSDEEP: 12288:/KRZNtXd62r8xrzxHp17mg/kxY96m54F05QAYf23:/KVtLr8xrNpdmCkx4HMWYf4
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 4dbe97d13c06cbf506e0f0b8c66546f7_JaffaCakes118
Files
4dbe97d13c06cbf506e0f0b8c66546f7_JaffaCakes118.exe  windows:4  windows x86  arch:x86
  83198eb11667f74d7f1635c4a135a114
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
SetEnvironmentVariableA
CreatePipe
VirtualQuery
DuplicateHandle
TlsGetValue
SearchPathW
GetCPInfo
SetConsoleCursorPosition
FreeLibrary
GlobalUnlock
SetConsoleActiveScreenBuffer
ReleaseMutex
CreateDirectoryExA
SetThreadAffinityMask
SystemTimeToFileTime
SetProcessShutdownParameters
CreateDirectoryA
FormatMessageA
VirtualAlloc
MoveFileW
SetErrorMode
LoadResource
GetCommModemStatus
OutputDebugStringA
EnumDateFormatsW
CreateWaitableTimerA
SetupComm
CloseHandle
IsBadWritePtr
GetUserDefaultLangID
GlobalFlags
GetTapeParameters
ReadFile
GetTickCount
GlobalDeleteAtom
GlobalFindAtomA
_hread
GetBinaryTypeW
_lread
EnumSystemCodePagesW
SetThreadLocale
DeleteCriticalSection
GetUserDefaultLCID
FindFirstFileW
WritePrivateProfileSectionW
EnumTimeFormatsW
GetFileType
WritePrivateProfileSectionA
RemoveDirectoryW
LeaveCriticalSection
lstrcmpA
GetDriveTypeW
SetProcessAffinityMask
ReadConsoleInputW
ConnectNamedPipe
GetConsoleMode
FormatMessageW
WritePrivateProfileStringW
SetFileTime
LocalAlloc
lstrcmpiW
IsValidLocale
IsBadReadPtr
FlushConsoleInputBuffer
SuspendThread
SetCommMask
PurgeComm
GetFullPathNameA
SetMailslotInfo
WritePrivateProfileStringA
WriteFile
SetFileAttributesA
VirtualUnlock
WaitNamedPipeA
GlobalReAlloc
MoveFileExA
WriteConsoleOutputCharacterA
WriteProcessMemory
SetEvent
SwitchToFiber
MultiByteToWideChar
FillConsoleOutputCharacterA
FindFirstFileA
LocalReAlloc
PulseEvent
GetFileAttributesExA
SetConsoleTitleA
ExitProcess
user32
ToUnicode
CharLowerBuffA
CloseClipboard
CheckMenuItem
SetMenuItemBitmaps
IsRectEmpty
SendNotifyMessageA
GetMenuItemInfoW
comdlg32
GetSaveFileNameA
FindTextA
CommDlgExtendedError
ReplaceTextW
advapi32
CryptSetProvParam
GetPrivateObjectSecurity
ChangeServiceConfigA
AllocateAndInitializeSid
RegSaveKeyA
CryptGetHashParam
IsValidSecurityDescriptor
RegEnumValueW
RegUnLoadKeyW
StartServiceCtrlDispatcherW
CloseEventLog
AccessCheckAndAuditAlarmW
GetExplicitEntriesFromAclW
AddAce
ImpersonateSelf
CryptDecrypt
QueryServiceConfigA
SetEntriesInAclA
SetSecurityDescriptorGroup
AccessCheck
RegisterEventSourceW
ChangeServiceConfigW
ObjectDeleteAuditAlarmW
RegQueryValueA
RegRestoreKeyA
DeleteService
RegOpenKeyExW
GetSidIdentifierAuthority
LookupAccountSidA
MakeSelfRelativeSD
RegSetValueExW
AbortSystemShutdownA
AllocateLocallyUniqueId
QueryServiceConfigW
ole32
CoDisconnectObject
OleLockRunning
oleaut32
LoadTypeLi
SafeArrayGetLBound
SafeArrayGetElement
VariantCopy
SafeArrayCreate
QueryPathOfRegTypeLi
comctl32
ImageList_SetDragCursorImage
ImageList_Merge
shlwapi
PathIsDirectoryEmptyW
PathIsUNCServerW
PathRemoveArgsW
PathRelativePathToA
PathRemoveBlanksA
Sections
.text   Size: 23KB   Virtual size: 239KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 4KB    Virtual size: 4KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 268KB  Virtual size: 267KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 16KB   Virtual size: 16KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ