44928712986ff5d2a103f20d628cd92b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44928712986ff5d2a103f20d628cd92b_JaffaCakes118
Size

417KB
MD5

44928712986ff5d2a103f20d628cd92b
SHA1

b74f3350a1da2c6c096e0ec55efbb19cd3adb951
SHA256

69918836b8eb52cd415f0e070a894d707278104149d1a8649239147c99cf4b83
SHA512

1dfb7d124e3210c0a845f925f6d3ff0aa27eb7c6a43c0658ec597c278e020e11f86648ae4af646fe7f293cbb552a6a5387a97f9d57472d3aafbb282b5dfa4ddb
SSDEEP

6144:WMT7u0A1Fsn0drLvJEvNDPYAxhqhiHSqBdapqi8MBqyvg1WBFl6CSkY0/VnSceFB:7AgngLxEvJrKUyqBdaZ0GsZ0/5Snos

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44928712986ff5d2a103f20d628cd92b_JaffaCakes118

Files

44928712986ff5d2a103f20d628cd92b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af4b1adf1255bb238d6e4f2353b7e473

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileSectionA
LeaveCriticalSection
lstrcatW
SetTimeZoneInformation
GetStdHandle
GetPrivateProfileSectionNamesA
HeapAlloc
LoadLibraryA
GlobalCompact
GetEnvironmentStringsW
GetDiskFreeSpaceA
EnumResourceLanguagesA
GetDiskFreeSpaceExW
EnterCriticalSection
InterlockedExchange
GetTickCount
GetStartupInfoW
HeapDestroy
InitializeCriticalSection
DosDateTimeToFileTime
GetEnvironmentStrings
GetCommandLineW
IsBadWritePtr
GetCurrentThread
DeleteFileA
SetLastError
GetModuleFileNameW
HeapCreate
GetProcAddress
SetEnvironmentVariableW
GetVersion
HeapFree
SetConsoleCursorPosition
GetCommandLineA
ReadFile
TlsAlloc
VirtualQuery
EnumSystemLocalesA
TlsFree
GetSystemTimeAsFileTime
DeleteCriticalSection
TlsGetValue
SetStdHandle
GetStartupInfoA
HeapReAlloc
SetHandleCount
ExitProcess
EnumResourceNamesA
SetLocaleInfoA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
VirtualFree
GetModuleHandleA
GetFileType
TlsSetValue
UnhandledExceptionFilter
GetCurrentThreadId
RtlUnwind
MultiByteToWideChar
FreeEnvironmentStringsW
GetLastError
GetCurrentProcessId
GetModuleFileNameA
WriteFile
FreeEnvironmentStringsA
CreateMutexA

user32

CloseWindowStation
UnhookWindowsHook
GetInputState
NotifyWinEvent
CheckDlgButton
ChangeMenuA
GetClipboardFormatNameW
VkKeyScanExW
GetTitleBarInfo
ToUnicode
ChangeDisplaySettingsExW
DdeImpersonateClient
CreateDialogParamA
ScrollWindowEx
IsCharAlphaA
TrackPopupMenuEx
CountClipboardFormats
GetClassNameA
PaintDesktop
RemoveMenu
CreatePopupMenu
GetSystemMenu
MonitorFromWindow

advapi32

InitiateSystemShutdownA
RegDeleteValueA
CryptGetDefaultProviderA
LookupAccountSidA
CryptDecrypt
CryptCreateHash
RegReplaceKeyW
CryptHashData
RegSetValueExA
CryptEnumProviderTypesW

wininet

InternetCombineUrlW
InternetAttemptConnect
InternetSetDialStateA
InternetGetConnectedStateExA
SetUrlCacheConfigInfoW
GetUrlCacheConfigInfoA
GopherFindFirstFileW
DeleteUrlCacheEntry
FtpDeleteFileA
GopherGetAttributeW
GopherGetLocatorTypeA
GopherGetLocatorTypeW
InternetInitializeAutoProxyDll
DeleteIE3Cache

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 301KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af4b1adf1255bb238d6e4f2353b7e473

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 104KB - Virtual size: 104KB

.data Size: 301KB - Virtual size: 310KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 104KB - Virtual size: 104KB

.data
Size: 301KB - Virtual size: 310KB

.rsrc
Size: 10KB - Virtual size: 9KB