148ffa008089810d8f63702478e19ca0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

148ffa008089810d8f63702478e19ca0_JaffaCakes118
Size

136KB
MD5

148ffa008089810d8f63702478e19ca0
SHA1

9c8d74f47100bfb1d82fd95a030461a1c74f375f
SHA256

46af68c64cfd0693a0033d5b97b24b7bef4f25a5062c7b57e5d637866cc94833
SHA512

c9020a2c66d7e0377959288d1355e21f4327c122c61076a0283bd1be1b65bea2bafbcd512e73dd1f930c4f2d7b1da412b283c27d79592a7405a24840c03c59fa
SSDEEP

3072:Cyc5pCFv8Aa4uCPmXwPXU1E/0lQ0Yriv9W2AzN+Qh:29CugPX50uQ9WxZh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
148ffa008089810d8f63702478e19ca0_JaffaCakes118

Files

148ffa008089810d8f63702478e19ca0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31d65fefc3903fe04cd0e48f2401c63e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExA
LZCopy
GetEnvironmentStringsA
GetFullPathNameA
SetEnvironmentVariableA
UnlockFile
GetConsoleWindow
SetConsoleKeyShortcuts
GetConsoleCursorInfo
SetConsoleTextAttribute
GetCurrencyFormatA
GetExitCodeThread
SetConsoleLocalEUDC
DeleteTimerQueueTimer
DisconnectNamedPipe
GetConsoleAliasExesLengthA
GetDefaultCommConfigA
IsBadHugeWritePtr
GetVolumePathNameA
PeekConsoleInputA
GetEnvironmentVariableA
SetLocaleInfoA
PrepareTape
OpenJobObjectA
CreatePipe
LoadResource
VirtualProtectEx
VirtualAllocEx
SetProcessPriorityBoost
EnumResourceLanguagesA
SetFilePointerEx
GetComputerNameA
ConnectNamedPipe
GetProcessShutdownParameters
RequestWakeupLatency
EnumTimeFormatsA
GetWindowsDirectoryA
Process32Next
AddAtomA
GetCompressedFileSizeA
GetDriveTypeA
GetDllDirectoryA
GlobalFindAtomA
GetCommState
OpenSemaphoreA
GetSystemTime
GetFileAttributesExA
HeapValidate
FindAtomA
GetNumberFormatA
GetThreadSelectorEntry
GetModuleFileNameA
GetDiskFreeSpaceA
SetSystemTime
SetLocalTime
LZOpenFileA
ShowConsoleCursor
GetEnvironmentVariableA
EnumSystemLocalesA
GetDriveTypeA
GetProcessAffinityMask
ReadConsoleA
SetFileAttributesA
GetUserDefaultUILanguage
PostQueuedCompletionStatus
SetVDMCurrentDirectories
Module32First
WriteConsoleOutputCharacterA
GetVersionExA
GetStdHandle
GlobalHandle
GetModuleHandleA
OpenWaitableTimerA
RaiseException
ReadConsoleOutputCharacterA
OpenEventA
GetPriorityClass
SetInformationJobObject
GetLocalTime
SetMessageWaitingIndicator
GetProcessShutdownParameters
FlushViewOfFile
IsBadStringPtrA
GetPrivateProfileSectionNamesA
GetOEMCP
GetLocaleInfoA
SizeofResource
LZOpenFileA
SetVolumeMountPointA
GetEnvironmentVariableA
ReplaceFileA
LoadModule
GetConsoleAliasExesA
GetLocaleInfoA
WaitForMultipleObjectsEx
GetModuleHandleA
GetVolumePathNameA
GetFileAttributesExA
IsBadStringPtrA
MoveFileExW
WriteProfileStringA
GetStringTypeExA
RaiseException
CancelWaitableTimer
GetConsoleMode
GetConsoleCursorMode
GetVolumePathNamesForVolumeNameA
CreateWaitableTimerA
GetEnvironmentVariableW
ReadConsoleA
GetTempPathA
GetCurrentProcessId
SetLastConsoleEventActive
GetConsoleTitleA

advapi32

EncryptionDisable

user32

IsCharUpperA
PaintMenuBar
DestroyIcon
IsWinEventHookInstalled
GetProcessWindowStation
GetSysColorBrush
GetParent
GetMessageExtraInfo
BroadcastSystemMessageExA
MenuWindowProcA
ChangeClipboardChain
IsClipboardFormatAvailable
GetClassWord
SetWindowLongA
SetWindowLongA
SetTimer
IsRectEmpty
IsGUIThread
CallNextHookEx
AllowSetForegroundWindow
GetKeyNameTextA
CallNextHookEx
AllowSetForegroundWindow
CharNextA
OffsetRect
GetClassInfoExW
GetInputState
CallMsgFilter
GetWindowDC
GetMenuDefaultItem
GetDlgCtrlID
RegisterLogonProcess
SendMessageTimeoutW
CloseDesktop
GetInputState
CharToOemBuffW
CallWindowProcA
ChangeClipboardChain
EndDeferWindowPos
MonitorFromWindow
SetWindowPlacement
GetWindowRect
OpenWindowStationA
GetKeyboardLayout
LoadRemoteFonts
EnableScrollBar
UnionRect
GetMonitorInfoA
GetAltTabInfoA
GetClientRect
SendDlgItemMessageA
ArrangeIconicWindows
GetActiveWindow

opengl32

glRasterPos2i

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31d65fefc3903fe04cd0e48f2401c63e

Headers

File Characteristics

Imports

kernel32

advapi32

user32

opengl32

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 80B

.rsrc Size: 118KB - Virtual size: 118KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 80B

.rsrc
Size: 118KB - Virtual size: 118KB