4dc91f27a11203ce7fd3f95984f1d1f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4dc91f27a11203ce7fd3f95984f1d1f3_JaffaCakes118
Size

376KB
MD5

4dc91f27a11203ce7fd3f95984f1d1f3
SHA1

506cbef03f0a0415ddbc221fe0764346bff84ed0
SHA256

004dab419ad3a07f924dc5dc02972f5a65bd68723a58ab50fd7eaffaa342be32
SHA512

a7a9cd0cd91ad0e8b3b175a97ca827c1f7543fc4c8fdf472d3d2e97fedbbd48707f20ecb355749e8eafab4724713c4d39f02b88a40e2ea568e67b7d44a882ad5
SSDEEP

6144:83zTBrwbpQ5V/yuOxfZN8nHqsBFg/DhFvyuPcp4TqE9O7rqB4XjIjmo3KXO3C/Lj:Cr8UOxxAKsk9Fv9k8qE87rqKIjpKXDLj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dc91f27a11203ce7fd3f95984f1d1f3_JaffaCakes118

Files

4dc91f27a11203ce7fd3f95984f1d1f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ff88e8d5b31a571b88bc2e78254f819

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHEmptyRecycleBinA
ExtractAssociatedIconA

comctl32

InitCommonControlsEx

gdi32

PolylineTo
GetCharWidthFloatW
CreateCompatibleBitmap
GetFontData
EnumObjects
RoundRect
SetBoundsRect
OffsetClipRgn
GetGraphicsMode
SelectPalette
SetGraphicsMode
GetClipBox
GetSystemPaletteUse
GetLogColorSpaceW
CreateDCA
GetTextCharacterExtra
CreatePalette

user32

MessageBoxIndirectA
GetScrollRange
LoadAcceleratorsA
CascadeChildWindows
CopyImage
RemovePropA
TrackPopupMenu
ToUnicodeEx
GetSysColorBrush
TranslateAcceleratorA
GetDCEx
DdeQueryStringW
AnimateWindow
FlashWindowEx
SetMenuItemBitmaps
RegisterClassA
DrawIcon
ChangeMenuW
RegisterClassExA
IsRectEmpty
SetMenuInfo
CreateDesktopA
GetClassInfoA
RemovePropW

kernel32

VirtualAlloc
RtlUnwind
CreateMutexA
QueryPerformanceCounter
GetCompressedFileSizeW
WideCharToMultiByte
GetCPInfo
FreeEnvironmentStringsW
LoadLibraryA
SetEnvironmentVariableA
SetHandleCount
GetFileType
ReadFile
GetSystemTime
PulseEvent
FreeEnvironmentStringsA
CompareStringA
EnumSystemLocalesW
GetTempFileNameW
GetACP
GetStringTypeA
SetStdHandle
SetConsoleTextAttribute
CloseHandle
GetModuleHandleA
ExitProcess
TlsFree
LCMapStringW
GetCommandLineA
InterlockedExchange
HeapReAlloc
MultiByteToWideChar
HeapCreate
VirtualQuery
TlsSetValue
DeleteCriticalSection
CommConfigDialogA
GetTimeZoneInformation
LeaveCriticalSection
TlsAlloc
HeapDestroy
GetSystemTimeAsFileTime
HeapAlloc
GetCurrentThreadId
FileTimeToDosDateTime
CopyFileA
GetTickCount
GetOEMCP
GetStartupInfoA
SetFilePointer
GetUserDefaultLCID
ReadConsoleOutputCharacterA
InterlockedIncrement
SetCurrentDirectoryA
GetThreadPriority
GetCurrentProcess
GetStringTypeW
VirtualFree
lstrcatW
UnhandledExceptionFilter
SetCurrentDirectoryW
SetLastError
GetCurrentProcessId
GetVersion
HeapFree
GetEnvironmentStringsW
InitializeCriticalSection
TerminateProcess
CreateNamedPipeA
CompareStringW
GetCurrentThread
GetEnvironmentStrings
FindFirstFileW
AddAtomA
GetLocalTime
GetProcAddress
RtlZeroMemory
LocalAlloc
WriteFile
IsBadWritePtr
GetModuleFileNameA
FlushFileBuffers
EnterCriticalSection
GetStdHandle
InterlockedDecrement
TlsGetValue
GetLastError
LCMapStringA
OpenMutexA

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ff88e8d5b31a571b88bc2e78254f819

Headers

File Characteristics

Imports

shell32

comctl32

gdi32

user32

kernel32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 5KB - Virtual size: 23KB

.data Size: 207KB - Virtual size: 206KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 5KB - Virtual size: 23KB

.data
Size: 207KB - Virtual size: 206KB

.rsrc
Size: 9KB - Virtual size: 8KB