04b40b11146bd7eaa7c3cdb8591fd5e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

04b40b11146bd7eaa7c3cdb8591fd5e2_JaffaCakes118
Size

212KB
MD5

04b40b11146bd7eaa7c3cdb8591fd5e2
SHA1

4278a643b517fa6c28efed8c3f67dbc1338cb9e5
SHA256

d6c3e70b7913880d69dd1c35a6acbf4ac09c5e8a13566e542501202182bbef2f
SHA512

a96ec3c405999e116be6f07edf9113ebf32e40b8ac81dab773dcd11a8c8c8a8adacede2c6065eb5ecb448d737aa7eedc9690aa34b4ba2870e37cc07770868999
SSDEEP

6144:PW8TtM7Hte0uzV58deagkhHSbnmLeioJu8Gpl:PW8TtAHt3hHqmiVwJP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04b40b11146bd7eaa7c3cdb8591fd5e2_JaffaCakes118

Files

04b40b11146bd7eaa7c3cdb8591fd5e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc77599ef8afaaa9ca11d270bd83796c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
ReadFile
SetFilePointer
GetTempFileNameA
GetTempPathA
lstrlenA
lstrcpynA
MoveFileA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
FormatMessageA
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
LCMapStringW
LocalFree
RtlUnwind
RaiseException
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
ExitProcess
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc

user32

MessageBoxA
GetDlgItemTextA
IsDlgButtonChecked
CreateDialogParamA
SendDlgItemMessageA
ShowWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
SetDlgItemTextA
SendMessageA
InvalidateRect
GetDlgItem
EnableWindow

comdlg32

GetSaveFileNameA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

ole32

CoTaskMemFree

comctl32

ord17

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc77599ef8afaaa9ca11d270bd83796c

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

ole32

comctl32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 6KB