4049ad6165b64f46e786cf55f25f677c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4049ad6165b64f46e786cf55f25f677c_JaffaCakes118
Size

328KB
MD5

4049ad6165b64f46e786cf55f25f677c
SHA1

ec76d90429efd44526d385f5fe149480c8432c41
SHA256

b423b61acd010c95cce4671a9ac57dc809214b07e9271994db37284e090181b8
SHA512

baa600b5e904c8788d272b03375c01e37fadfcf4865ca07af02cfeda47828e68becdde557e6df9c96684f611080284ae15ab33bae2d7d1ed8bdcce74366749f8
SSDEEP

6144:6B7plahw+GHtJreI1gcvFloF0fBGcnWXIqOmjoeX6grAu1vR5Vi09UKnRd:61pkhwTJreI1gcvFrKIqdkeX6grAu1p7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4049ad6165b64f46e786cf55f25f677c_JaffaCakes118

Files

4049ad6165b64f46e786cf55f25f677c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fa4d28171c6f1f6fcbb61b296daec49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

frespor

_RESPOR_LERESFORC@12
_RESPOR_LERABRIR@32
_RESPOR_CASOATUAL@4
_RESPOR_FECHAR@0

fcritpor

_CARRPORLERCASO@76
_CARRPORNCASOS@4
_CARRPORLER@12

customdl

_VERFCBLHLIST@4
_VERFCBNTNT@0
_VERFCBPRG@12
_VERFCBCD@8
_VERFCBLPRIST@4
_VERFCBDLXY@20

jmsgdll

_writej@4
_writejpidx@8

user32

GetCursorPos

ole32

CoUninitialize
CoCreateGuid
CoInitialize

advapi32

RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

kernel32

CompareStringA
CompareStringW
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
SetUnhandledExceptionFilter
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
CreateFileA
ReadFile
SetFilePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
QueryPerformanceCounter
GetDiskFreeSpaceExA
GetCurrentThreadId
GetCurrentProcessId
GlobalMemoryStatus
GetTempPathA
GetFullPathNameA
QueryDosDeviceA
GetEnvironmentVariableA
SetErrorMode
Sleep
Beep
GetLocalTime
SetLocalTime
GetCurrentProcess
SetFileAttributesA
GetACP
GetVersion
SetHandleCount
GetFileInformationByHandle
RtlUnwind
GetStartupInfoA
TerminateProcess
HeapAlloc
HeapReAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetSystemTimeAsFileTime
GetLastError
SetConsoleCtrlHandler
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEnvironmentVariableA
CreateDirectoryA
GetDriveTypeA
MoveFileA
DeleteFileA
WriteFile
GetFileType
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
PeekNamedPipe
MultiByteToWideChar
FindFirstFileA
FindNextFileA
FindClose
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetStdHandle
SetStdHandle
SetEndOfFile
GetProcAddress
HeapSize
RaiseException
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
LoadLibraryA
VirtualAlloc
IsBadWritePtr
FlushFileBuffers
SetEnvironmentVariableW
GetCPInfo
GetOEMCP
GetStringTypeA

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8fa4d28171c6f1f6fcbb61b296daec49

Headers

File Characteristics

Imports

frespor

fcritpor

customdl

jmsgdll

user32

ole32

advapi32

kernel32

Sections

.text Size: 284KB - Virtual size: 281KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 32KB - Virtual size: 90KB

.text
Size: 284KB - Virtual size: 281KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 32KB - Virtual size: 90KB