b4c1504a5f7652ad0c0f8b481fb39006_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b4c1504a5f7652ad0c0f8b481fb39006_JaffaCakes118
Size

340KB
MD5

b4c1504a5f7652ad0c0f8b481fb39006
SHA1

11920bfc19ff6c64cadaafd5f49ca2d04b0a3527
SHA256

4d1e2c32e530b353b6599fed557479faa177981d739edae43c6ae5577c71f999
SHA512

060f1f75a4dfca7ed221e1bc1088b5b213a990f967463aa7e0472fbdd5344eb28d4a53c7bbb17f751abe0eb4e54ec5a957fae6858692bee176ba415d121d0df9
SSDEEP

6144:dcBbeqvt5JEkzNvThFHe+6jgIaJ0PHmiMR5ApGUgm22rDtjJ40R0OTCBvQ:eBy0VHv++pIrPGiM7KGPm2w9ji2KvQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4c1504a5f7652ad0c0f8b481fb39006_JaffaCakes118

Files

b4c1504a5f7652ad0c0f8b481fb39006_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2cb479f20a4f3e650910ef6129221dca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetVersionExA
ReadDirectoryChangesW
GetLocaleInfoA
DisableThreadLibraryCalls
GetWindowsDirectoryW
GetFileTime
GetProcessWorkingSetSize
GetWindowsDirectoryA
EnumTimeFormatsW
WaitForDebugEvent
ReleaseSemaphore
CreateRemoteThread
SwitchToThread
CancelWaitableTimer
GetSystemDirectoryW
GetCalendarInfoW
EnumCalendarInfoW
DeviceIoControl
SetFileAttributesW
BackupRead
lstrcmpA
LocalFileTimeToFileTime
GetCurrentThreadId
GetThreadSelectorEntry
_hwrite
MoveFileExW
Heap32Next
InterlockedExchangeAdd
WinExec
GetSystemTimeAdjustment
SetVolumeLabelW
GetTempFileNameW
GetStartupInfoA
GetProcessHeaps
HeapUnlock
SetTimeZoneInformation
SetHandleInformation
QueryPerformanceFrequency
PeekConsoleInputA
SetConsoleWindowInfo
BeginUpdateResourceW
SetCalendarInfoW
ReadConsoleOutputCharacterW
OpenMutexW
GetProfileStringA
BuildCommDCBAndTimeoutsA
WriteProfileStringW
EndUpdateResourceA
MulDiv
IsProcessorFeaturePresent
AllocConsole
SetSystemTime
GetDateFormatW
CreateConsoleScreenBuffer
CreateDirectoryExA
GlobalUnWire
GetFileSize

user32

GetClipCursor
DestroyAcceleratorTable
IsDialogMessageA
GetTabbedTextExtentW
EnumPropsA
MoveWindow
GrayStringW
CreateMenu
LoadMenuIndirectW
GetParent
GetLastActivePopup
IsCharLowerA
CopyIcon
LoadAcceleratorsA
CopyImage
CharLowerA
GetUpdateRgn
GetWindowLongA
CharPrevA
TabbedTextOutA
GetScrollRange
GetCursor
PeekMessageA
EnumClipboardFormats
IsDialogMessageW
FlashWindow
OemToCharBuffA
GetPropA
SetCapture
DrawAnimatedRects
SetDlgItemTextA
WinHelpA
DrawFocusRect
CreateWindowExW
GetCaretBlinkTime
MapVirtualKeyW
GetMessageTime
OpenDesktopW
MessageBoxIndirectA
GetUserObjectInformationA
SetDebugErrorLevel
GetSysColor
VkKeyScanExW
DestroyMenu
DeleteMenu
SetRectEmpty
CharNextExA
ChangeMenuW
SetWindowRgn
WaitForInputIdle
SetScrollRange
wvsprintfW
EnumDisplaySettingsW
CreateDialogParamA
CountClipboardFormats
LoadMenuW
TileWindows

gdi32

CreatePolyPolygonRgn
GetMetaFileW
GetRegionData
GetCharABCWidthsFloatW
UpdateColors
GetGlyphOutlineW
Polyline
CreateDiscardableBitmap
ExtCreatePen
GetEnhMetaFileW
GetTextFaceA
CreateScalableFontResourceW
CreateBrushIndirect
GetDIBColorTable
GetTextFaceW
GetRasterizerCaps
EndPage
SetBkColor
PolyPolygon
GetTextExtentPointA
ScaleWindowExtEx
GetCharacterPlacementA
GetDIBits
ModifyWorldTransform
CreateEnhMetaFileA
EnumFontsW
CreateFontIndirectW
EnumICMProfilesA
SelectClipRgn
GetKerningPairsW
ColorMatchToTarget
TranslateCharsetInfo
SetWorldTransform
UpdateICMRegKeyA
StartDocW

advapi32

GetSidIdentifierAuthority
CreateServiceW
SetSecurityDescriptorOwner
AllocateLocallyUniqueId
ObjectDeleteAuditAlarmA
CryptHashData
RegCreateKeyExA
GetTrusteeTypeW
AddAce
RegEnumKeyW
QueryServiceConfigA
LogonUserA
PrivilegedServiceAuditAlarmA
IsValidAcl
RegEnumKeyExW
FindFirstFreeAce
CryptAcquireContextA
IsValidSid
QueryServiceLockStatusA
AbortSystemShutdownA
QueryServiceConfigW
ObjectOpenAuditAlarmA
CreateProcessAsUserW
InitiateSystemShutdownW
ImpersonateNamedPipeClient
SetTokenInformation
DestroyPrivateObjectSecurity
CryptVerifySignatureW
UnlockServiceDatabase
SetEntriesInAclA
RegSetKeySecurity
LookupPrivilegeDisplayNameW

shell32

SHFileOperationW
ShellExecuteExW
SHGetSpecialFolderLocation
SHAppBarMessage

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 278KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eji18sdc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1oz6a1z3
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cb479f20a4f3e650910ef6129221dca

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

Sections

.text Size: 278KB - Virtual size: 280KB

.rdata Size: 6KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 8KB

eji18sdc Size: 45KB - Virtual size: 48KB

1oz6a1z3 Size: 4KB - Virtual size: 4KB

.text
Size: 278KB - Virtual size: 280KB

.rdata
Size: 6KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 8KB

eji18sdc
Size: 45KB - Virtual size: 48KB

1oz6a1z3
Size: 4KB - Virtual size: 4KB