45065f87a96e8125ff399151b392e38b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45065f87a96e8125ff399151b392e38b_JaffaCakes118
Size

47KB
MD5

45065f87a96e8125ff399151b392e38b
SHA1

976172979dda50ed87a695a433704cf1a6afc389
SHA256

7439c6bd1fe27c90f734333d743a51f56079210fb931f5ad79e18be5171423e2
SHA512

89b24094606c3cdbc353147e0ffefbe0f0a2e3c39df68cc109a7a29037303246ce2be05ccfb254574aa30867c2c75fd0d24b625fd12691f0147a2a309efb8ebd
SSDEEP

768:xkMxR/9zb4zWRHCjICvSJx/HBZbY8jUe9HaSQW87/D6cY2qCNmbBb/gaMNmVj7iI:xkMxPzgWRHCZvSDDb9HaSQWu/DrY2qCS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45065f87a96e8125ff399151b392e38b_JaffaCakes118

Files

45065f87a96e8125ff399151b392e38b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab20503f1f8bfb55aa709f120d5d25da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperW
CharLowerW
LoadStringW

secur32

GetUserNameExW

ws2_32

WSACleanup

shlwapi

StrStrW
StrStrIW
StrChrW
StrChrIW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcrt

fflush
wcstol
wcstoul
wcstod
_except_handler3
_fileno
exit
_errno
fprintf
??3@YAXPAX@Z
_ultow
_vsnwprintf
__CxxFrameHandler
_iob
wcstok
_c_exit
_exit
_XcptFilter
__winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
??2@YAPAXI@Z
_cexit
__p__commode
__p__fmode
__set_app_type
_controlfp
_get_osfhandle

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
GetLengthSid
CopySid
LookupPrivilegeDisplayNameW
LookupPrivilegeNameW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
GetTokenInformation
LookupAccountSidW

kernel32

GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
HeapReAlloc
HeapFree
WriteConsoleW
HeapSize
HeapAlloc
GetProcessHeap
HeapValidate
WideCharToMultiByte
ExitProcess
GetThreadLocale
CompareStringW
lstrlenW
GetFileType
GetStdHandle
GetConsoleMode
VerSetConditionMask
VerifyVersionInfoW
FormatMessageW
LocalFree
GetCurrentProcess
CloseHandle
SetLastError
GetLastError
GetConsoleOutputCP
GetModuleFileNameW
GetTimeFormatW
FileTimeToSystemTime
TerminateProcess
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
CompareStringA

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jgd
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab20503f1f8bfb55aa709f120d5d25da

Headers

DLL Characteristics

File Characteristics

Imports

user32

secur32

ws2_32

shlwapi

version

msvcrt

advapi32

kernel32

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 344B

.rsrc Size: 12KB - Virtual size: 36KB

.jgd Size: - Virtual size: 1B

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 344B

.rsrc
Size: 12KB - Virtual size: 36KB

.jgd
Size: - Virtual size: 1B