4479472bae8065deb3412afe4100180a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4479472bae8065deb3412afe4100180a_JaffaCakes118
Size

147KB
MD5

4479472bae8065deb3412afe4100180a
SHA1

538b08b87f2e7b76536d8f4df8d758ba39956470
SHA256

e07f48793cc03945c91cfc7c5152c4c5c51fb175be0dc71d75ec7f80447b51c5
SHA512

1b77dfe3595473454e2e7f6198dba5b1363422c4e98fe43408d8789332d2ddd0eea0edb9b90854bcd274012d76da8419ca23703d426a6cb341ae527cf789f077
SSDEEP

3072:cvWY3KYPT0rOnqWcwVCC21l5johDyh1bTY9Z4pm6eb:pwwrMj/213or4cl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4479472bae8065deb3412afe4100180a_JaffaCakes118

Files

4479472bae8065deb3412afe4100180a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7e429caf894e8c0ffcfa0914481680f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA
VerQueryValueA

shlwapi

PathFileExistsA
PathIsContentTypeA
SHEnumValueA
PathIsDirectoryA
SHGetValueA
SHStrDupA
SHDeleteKeyA
SHDeleteValueA
SHQueryValueExA
SHQueryInfoKeyA
PathIsDirectoryA

user32

SetCursor
SystemParametersInfoA
MessageBoxA
CallWindowProcA
SetTimer
GetCursor
BeginPaint
GetMenuStringA
CharNextA
GetIconInfo
GetKeyState
DrawMenuBar
GetPropA
EnumThreadWindows
DispatchMessageA
DrawEdge
GetFocus
FindWindowA
GetClientRect
CreateMenu
EnableMenuItem
CharLowerA
GetScrollRange
GetFocus
EnumChildWindows
GetIconInfo
GetSysColor
EnumWindows
GetCursor
DeferWindowPos
GetMenuItemCount
EndDeferWindowPos
SetWindowPos
CallWindowProcA
CreateIcon
GetDesktopWindow
GetClassInfoA

ole32

MkParseDisplayName
CoUnmarshalInterface
CoGetContextToken

msvcrt

_acmdln
exit
wcsncmp
mbstowcs
srand
calloc
memcpy
malloc
tolower
atol
memmove
rand
sqrt

kernel32

RaiseException
GlobalDeleteAtom
Sleep
FindFirstFileA
SetHandleCount
EnumCalendarInfoA
GetFullPathNameA
GetCurrentThread
FreeResource
GetVersionExA
lstrcmpiA
GetProcAddress
SetEvent
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
SizeofResource
ExitProcess
GetCommandLineA
SetEvent
WriteFile
HeapFree
GetVersionExA
VirtualAllocEx
LoadResource
GetDiskFreeSpaceA
VirtualQuery
GetCurrentThreadId
WideCharToMultiByte
MoveFileExA
GlobalDeleteAtom
LoadLibraryExA
VirtualAlloc

advapi32

RegEnumKeyA
RegCreateKeyA
RegOpenKeyExA
RegEnumValueA

gdi32

GetDIBColorTable
SetBkColor

comdlg32

GetFileTitleA
GetSaveFileNameA

shell32

SHGetFolderPathA
SHGetFileInfoA
SHGetDesktopFolder
DragQueryFileA

Sections

.idata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 111KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e7e429caf894e8c0ffcfa0914481680f

Headers

File Characteristics

Imports

version

shlwapi

user32

ole32

msvcrt

kernel32

advapi32

gdi32

comdlg32

shell32

Sections

.idata Size: 28KB - Virtual size: 28KB

INIT Size: 111KB - Virtual size: 191KB

.init Size: 5KB - Virtual size: 5KB

.rdata Size: 1024B - Virtual size: 960B

.idata
Size: 28KB - Virtual size: 28KB

INIT
Size: 111KB - Virtual size: 191KB

.init
Size: 5KB - Virtual size: 5KB

.rdata
Size: 1024B - Virtual size: 960B