4df1025d696d99601dfe0a443d716ecb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4df1025d696d99601dfe0a443d716ecb_JaffaCakes118
Size

176KB
MD5

4df1025d696d99601dfe0a443d716ecb
SHA1

9c7ff53178fb20bef85df25a3333ef969404ceb4
SHA256

29e5ec070285dda9075b83744e273a9ecffb208b6c6439061e494fadbfff44d3
SHA512

696068bd4cacf8424364663b515f35eec578479001e36efb2d1c7a928b2a6db980933ae27d4292a099d87f8c659ae750e60abe8aeec0de85b087f3cb274f77f3
SSDEEP

3072:xpRXGbUEx/xYEuJnMa5gGIaZF+XDb/WZi1D8OoKaH:nR2bUqwMHGF+XDyU+Oo/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4df1025d696d99601dfe0a443d716ecb_JaffaCakes118

Files

4df1025d696d99601dfe0a443d716ecb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

edfa84c1ad9a7e5a5b29d82b90569534

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Project\LGFanModeTile\release\LGFanModeTile.pdb

Imports

kernel32

CloseHandle
WaitForSingleObject
Sleep
CreateThread
CreateEventW
GetCurrentThreadId
SetEvent
GetCommandLineW
HeapFree
GetProcessHeap
FlushFileBuffers
CreateFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
InterlockedDecrement
SetStdHandle
IsValidCodePage
InterlockedIncrement
GetModuleFileNameW
GetModuleHandleW
lstrcmpiW
lstrlenW
GetSystemPowerStatus
GetUserDefaultUILanguage
GetLastError
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
SetLastError
FindResourceExW
FindResourceW
RaiseException
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WriteConsoleA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
RtlUnwind
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

CharUpperW
KillTimer
LoadImageW
PostMessageW
FindWindowW
SetTimer
LoadStringW
SendMessageTimeoutW
UnregisterClassA
PostThreadMessageW
GetMessageW
DispatchMessageW
TranslateMessage
CharNextW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
TraceMessage
RegCloseKey

shell32

SHGetFileInfoW

ole32

CoInitializeEx
CoTaskMemFree
StringFromCLSID
CoInitialize
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity

oleaut32

VariantInit
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysAllocString
SysFreeString

atl80

ord17
ord32
ord20
ord18
ord22
ord64
ord23
ord61
ord58
ord31

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edfa84c1ad9a7e5a5b29d82b90569534

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

atl80

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 68KB - Virtual size: 66KB