44812fcb7a677e873c94566f1b4db6b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44812fcb7a677e873c94566f1b4db6b5_JaffaCakes118
Size

126KB
MD5

44812fcb7a677e873c94566f1b4db6b5
SHA1

f17ff6fdac6c5bf7261ba5c449c59cbe03d00d13
SHA256

d364b25b1e68cf6967f710b79150147203c39fb16c0e53125b34f617c64fa5b3
SHA512

dc94e229e7fbe8e21932ef84b45e74b37d3523781a92b4a6f62545b9c65d266533a84d0ce4daf2475d2e6a769c8626e88ec28f6c9d74c00d7212c3148112d51a
SSDEEP

3072:dL96eH+xMkmpJNxdJMfEje/SSfkNKTkCXoB:b6eHdTCGgbX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44812fcb7a677e873c94566f1b4db6b5_JaffaCakes118

Files

44812fcb7a677e873c94566f1b4db6b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad31e6083d31844e81ee54e77cab94b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectW
CreateSolidBrush
GetDeviceCaps
SetBkColor
CreateFontIndirectW
DeleteObject
SetBkMode

user32

GetDlgItem
SendMessageW
DestroyWindow
BeginPaint
MessageBoxW
ReleaseDC
PostMessageW
GetParent
SetDlgItemTextW
LoadStringW
SetWindowPos
GetWindowDC
LoadIconW
EndPaint
SetWindowLongW
LoadBitmapW
GetWindowLongW
DefWindowProcW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

ShellExecuteW
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW

oleacc

CreateStdAccessibleObject

crypt32

CryptQueryObject
CertGetNameStringW
CertFreeCertificateContext
CryptDecodeObject
CertFindCertificateInStore
CryptMsgGetParam
CryptMsgClose
CertEnumSystemStoreLocation
CertCloseStore

kernel32

CancelWaitableTimer
QueryPerformanceCounter
FreeEnvironmentStringsA
ExitProcess
UnhandledExceptionFilter
RtlUnwind
TlsGetValue
GetOEMCP
DeleteCriticalSection
SetLastError
GetTickCount
OpenProcess
HeapDestroy
RaiseException
TlsAlloc
HeapCreate
GetModuleHandleA
TlsFree
GetCommandLineA
IsDebuggerPresent
InterlockedIncrement
GetFileAttributesW
IsValidCodePage
FlushFileBuffers
ExitProcess
SetHandleCount
GetEnvironmentStringsW
ReadFile
LoadLibraryW
HeapFree
SetUnhandledExceptionFilter
GetCurrentThreadId
GetStartupInfoA
HeapAlloc
GetVersionExA
TlsSetValue
FreeEnvironmentStringsW
GetCPInfo
GetModuleFileNameA
GetEnvironmentStrings
GetFileType
TerminateProcess
GetStdHandle
GetProcessHeap
VirtualFree
GetCurrentProcess
GetACP
WideCharToMultiByte

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad31e6083d31844e81ee54e77cab94b7

Headers

File Characteristics

Imports

gdi32

user32

ole32

shell32

oleacc

crypt32

kernel32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 23KB - Virtual size: 22KB

.rsrc Size: 1024B - Virtual size: 332KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 1024B - Virtual size: 332KB