4dcf0312cf990681c7a836cef937e283_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4dcf0312cf990681c7a836cef937e283_JaffaCakes118
Size

4.0MB
MD5

4dcf0312cf990681c7a836cef937e283
SHA1

bafa31c6b4ac556c88d132dbfbe1ac52891defc9
SHA256

16a84c30b67db39e1c0d4d592e2c6df35e7eaf8f8f4a5c5e7f42535b12053676
SHA512

19e65fc2102a9aed2e51ca75e7462485a8bfa5c966f5450d30e4852730af989bb09a5ce347f4e19d68214963463a0f8da75ffe14c52a024bd74f96ac43e55977
SSDEEP

98304:7VrC7Js0rgfS+aybzoDLUG2jCU6etuebCv4mcs1ixOHnAlx8u:AvYYJDLUGLU6cs8OHnyx8u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dcf0312cf990681c7a836cef937e283_JaffaCakes118

Files

4dcf0312cf990681c7a836cef937e283_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f450f41d4113c41c90c7a228ca9e57a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
SetSecurityDescriptorDacl
LookupPrivilegeDisplayNameA
AllocateAndInitializeSid
CryptSignHashW
SetEntriesInAclW

kernel32

ExitProcess
VirtualFree
GetShortPathNameA
LocalReAlloc
DuplicateHandle
GetLongPathNameA
CreateFileW
VirtualQueryEx
IsBadWritePtr
SetThreadLocale
FindNextChangeNotification
GetModuleHandleA
FindFirstFileA
SuspendThread
GlobalAddAtomW
ReadFileScatter
LocalFileTimeToFileTime
ConnectNamedPipe
LoadLibraryExA
ReadFile
WriteProcessMemory
lstrcmpA
PrepareTape
Beep
GetCPInfo
WriteConsoleOutputW
EnumTimeFormatsW
GetLogicalDriveStringsA
ScrollConsoleScreenBufferA
GetLocaleInfoW
GetUserDefaultLangID
QueryDosDeviceA
AreFileApisANSI
FreeLibraryAndExitThread
GetTempFileNameA
GetDriveTypeA
PeekConsoleInputW
EnumDateFormatsW
GetSystemDefaultLangID
ReadDirectoryChangesW
SetTimeZoneInformation
GetTimeZoneInformation
GetTapeStatus
OpenSemaphoreW
EnumCalendarInfoA
GetBinaryTypeW
ReadConsoleInputW
SetEnvironmentVariableW

user32

GetWindowTextA
WinHelpA
LoadKeyboardLayoutA
CharLowerA
GetKeyboardLayoutNameA
EnableWindow
IsIconic
SetFocus
OpenWindowStationW
GetMenuItemRect
RegisterClassA
DefMDIChildProcA
EnumWindowStationsA
EnumClipboardFormats
ReleaseDC
GetMenuInfo
GetWindowLongA
CallNextHookEx
CreateMDIWindowW
SendMessageW
DestroyWindow
SetWindowContextHelpId
PostThreadMessageA
CopyIcon
TrackPopupMenuEx
SetWindowTextA
OemToCharBuffW

msvcrt

vfwprintf
vsprintf
_mbsnicmp
_fsopen
_snwprintf
_beginthread
iswcntrl
_wctime
_wtoi

Sections

.text
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f450f41d4113c41c90c7a228ca9e57a0

Headers

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

Sections

.text Size: 254KB - Virtual size: 253KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 254KB - Virtual size: 253KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 18KB - Virtual size: 18KB