44fb1bf4f7489d6c94b5a4b5d50039d3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

44fb1bf4f7489d6c94b5a4b5d50039d3_JaffaCakes118
Size

325KB
MD5

44fb1bf4f7489d6c94b5a4b5d50039d3
SHA1

9da3ffcaf456ad7286be4c17dff0328dd6003212
SHA256

6993a8e7f3913544360725b460e1d611d688ecc0b2afc0a232a392822c0757b4
SHA512

9a860cf06241cb627d4981e16269c04464038e41aa1e2f879eebdf912735d303b9baf8c555b25c5055e1ecff7236d7aead4de64969f260d3dcc67347ad87a442
SSDEEP

6144:RA9gJPU1uWNs6pX+mtVJ8CB28LR4R30KQUp0R2SZmpzHuCUdaZy:RDc17NsANt/8CM8LR4R0SNSopz0UZy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44fb1bf4f7489d6c94b5a4b5d50039d3_JaffaCakes118

Files

44fb1bf4f7489d6c94b5a4b5d50039d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d43208b5071db69849334c04f541224

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
GetTempFileNameA
GetFileType
CreateFileA
ReadFile
SetFilePointerEx
LockResource
SearchPathA
GlobalFree
FlushViewOfFile
FindFirstFileExA
CheckNameLegalDOS8Dot3A
ReadFileScatter
SetFileValidData
FindClose
CancelIo
CreateFileMappingA
MoveFileA
CreateHardLinkA
SetFileAttributesA
OpenFileMappingA
LockFileEx
CloseHandle
FreeLibrary
PostQueuedCompletionStatus
LockFile
CreateIoCompletionPort
GetFullPathNameA
GetTempPathA
UnlockFileEx
ReplaceFileA
GetFileAttributesA
ReadFileEx
SetFilePointer
UnlockFile
UnmapViewOfFile
LoadLibraryA
WriteFile
SetFileApisToOEM
SetFileApisToANSI
WriteFileGather
MoveFileWithProgressA
GetCompressedFileSizeA
CopyFileA
SetEndOfFile
GetTickCount
GetLongPathNameA
WriteFileEx
LoadResource
MapViewOfFile
CopyFileExA
GetShortPathNameA
GetFileInformationByHandle
GetFileSize
SetFileTime
GetBinaryTypeA
GetFileAttributesExA
SizeofResource
SetFileShortNameA
FindNextFileA
GetProcAddress
FindResourceA
MapViewOfFileEx
GetFileTime
LoadLibraryExW
FlushFileBuffers
FindFirstFileA
MoveFileExA
WinExec
GetModuleFileNameA
GetModuleHandleA
ExitProcess
MoveFileExW
GetCommandLineW
AreFileApisANSI
GetQueuedCompletionStatus
GlobalAlloc

user32

MoveWindow
GetDesktopWindow
SetDlgItemTextA
EndDialog
DialogBoxParamA
GetWindowRect

advapi32

SetFileSecurityA

shell32

CommandLineToArgvW

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d43208b5071db69849334c04f541224

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 199KB - Virtual size: 199KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 199KB - Virtual size: 199KB