4e1bbd4fe59b8a708cc938f6aed77a30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4e1bbd4fe59b8a708cc938f6aed77a30_JaffaCakes118
Size

301KB
MD5

4e1bbd4fe59b8a708cc938f6aed77a30
SHA1

3f94a6ed7742b7fd5639b6821a373de5aeb0b56f
SHA256

d150f6cc1cff9f1ea3654dc2be66c66e88f7bf047a25deec2a1e4e080efd0471
SHA512

aa154b4a0681c1001a359113aeddfde0c6e1ab9c3d86fc9fe92612a2024dab733244d2e2b9065cd07ac974a0c5eb16d9b96e8118eff34ecccbb75a5fdf897838
SSDEEP

6144:3EjgBdPFRgT5fFFeUum39oXvDf1DxVJGSWtxSPgRpHdE:0MjPPG5fbym39orfTV0SqxS6dE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e1bbd4fe59b8a708cc938f6aed77a30_JaffaCakes118

Files

4e1bbd4fe59b8a708cc938f6aed77a30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f4820975955fe92f41dfea0c8451030

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationW
GetDriveTypeW
FindResourceW
SetEndOfFile
SuspendThread
WaitForSingleObject
FreeResource
MulDiv
MoveFileW
SetWaitableTimer
LoadResource
ResumeThread
FindNextFileW
GetVersion
ExitProcess
FreeLibrary
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
GetModuleFileNameW
GlobalFree
SetLastError
lstrcpyW
GetTickCount
GetPrivateProfileStringW
GetProcAddress
ReadProcessMemory
GetSystemTime
GlobalLock
CreateWaitableTimerW
WriteFile
WaitForMultipleObjects
LoadLibraryW
GetFileSize
InterlockedDecrement
LockResource
CreateFileW
SetEvent
WideCharToMultiByte
CancelWaitableTimer
InterlockedIncrement
GetFileAttributesExW
GetLastError
VirtualFree
WritePrivateProfileStringW
GlobalUnlock

user32

SetWindowPos
WindowFromPoint
DestroyMenu
SetCursor
IsWindow
RegisterHotKey
SetCursorPos
SetWindowTextW
AppendMenuW
PostThreadMessageW
GetKeyState
DialogBoxParamW
EnableWindow
MessageBoxW
LoadImageW
SetCapture
TrackPopupMenu
SendMessageW
GetWindowDC
GetWindowRect
LoadCursorW
VkKeyScanW
PostQuitMessage
TranslateMessage
SystemParametersInfoW
GetCursorPos
InvalidateRect
PostMessageW

gdi32

SetTextColor
DPtoLP
GetMapMode
SetMapMode
LineTo
CreateSolidBrush
CreateCompatibleDC
GetStockObject
CreateFontIndirectW
StretchBlt
SelectObject
GetClipBox
CreateDCW
CreatePen
DeleteObject
DeleteDC
GetDeviceCaps
BitBlt

advapi32

LookupAccountSidW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW

ole32

CoUninitialize
CreateStreamOnHGlobal

oleaut32

SysFreeString

Sections

.text
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f4820975955fe92f41dfea0c8451030

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 272KB - Virtual size: 270KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 272KB - Virtual size: 270KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 16KB