Static task: static1
Behavioral task: behavioral1
Sample: 44e7ff1e84276fbede9b73fe71872814_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 44e7ff1e84276fbede9b73fe71872814_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 44e7ff1e84276fbede9b73fe71872814_JaffaCakes118
Size: 277KB
MD5: 44e7ff1e84276fbede9b73fe71872814
SHA1: a0a54022866a619df9faa7749f8dcc0d916ee0c2
SHA256: 1ec85283783b2758111efd4731b7c11bca29b7f595a9db3a70630d2adbf66531
SHA512: 2b321f89c67381b29bba68b52e8472aca944ebbef08205d915824d7c2b4d9d9055aba696e90bb409a78af821c49fdaf084e7f06b859bec60ea00e1fb567056f2
SSDEEP: 6144:8BFsaN8byePRjDI2DB7Evx9RmDojPMl64JaChGdkVuT2Ca:8BFPN85VI2DtEPRmEPP4U2UeuT
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 44e7ff1e84276fbede9b73fe71872814_JaffaCakes118
Files
44e7ff1e84276fbede9b73fe71872814_JaffaCakes118.exe windows:4 windows x86 arch:x86
b86c0c4e3827fd541b39e1b663c78cf2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
GetUserDefaultLCID
GetPrivateProfileStringA
LoadLibraryW
GetStartupInfoW
DeleteCriticalSection
HeapAlloc
LoadLibraryA
TlsFree
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileSectionNamesW
CompareStringW
GetCurrentThread
Sleep
TlsAlloc
GetCPInfo
GetStringTypeW
GetTimeFormatA
SetConsoleTextAttribute
SetLastError
GetFileType
GetTimeZoneInformation
GetLastError
GetFullPathNameA
HeapDestroy
TlsSetValue
GetStringTypeA
GetProcAddress
EnumSystemLocalesA
GetStdHandle
WriteFile
GetFullPathNameW
GetEnvironmentStringsW
CreateProcessA
HeapSize
VirtualQuery
LeaveCriticalSection
WideCharToMultiByte
SetEnvironmentVariableA
GetCommandLineA
InterlockedDecrement
TlsGetValue
GetStartupInfoA
HeapReAlloc
LCMapStringW
ExitProcess
EnterCriticalSection
CompareStringA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsValidCodePage
GetModuleHandleA
GetModuleFileNameW
InterlockedIncrement
IsDebuggerPresent
GetCurrentThreadId
SetHandleCount
VirtualFree
GetEnvironmentStrings
GetOEMCP
GetCurrentProcessId
GetModuleFileNameA
IsValidLocale
GetDateFormatA
FlushInstructionCache
GetTickCount
HeapCreate
FreeLibrary
GetLocaleInfoW
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
RtlUnwind
GetLocaleInfoA
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetProcessHeap
GetCommandLineW
GetVersionExA
InitializeCriticalSection
HeapFree
gdi32
CreateColorSpaceW
SetICMProfileA
EnumFontFamiliesExA
MoveToEx
GetCharABCWidthsW
ResetDCA
SetBkMode
ExtEscape
GetDeviceCaps
PtVisible
StartDocA
GetCharWidthA
PatBlt
GetGlyphOutlineW
CheckColorsInGamut
RectVisible
InvertRgn
GetEnhMetaFileW
GetBitmapDimensionEx
CreateMetaFileW
GetSystemPaletteEntries
shell32
FindExecutableW
SheChangeDirA
SHGetSpecialFolderPathA
SheSetCurDrive
SHGetPathFromIDListA
SHGetFileInfo
SHAddToRecentDocs
SHGetDesktopFolder
SHFileOperationA
InternalExtractIconListA
FreeIconList
SHGetDataFromIDListW
InternalExtractIconListW
SHGetMalloc
SHQueryRecycleBinW
RealShellExecuteA
ShellAboutA
SHFormatDrive
RealShellExecuteExW
DuplicateIcon
SHFileOperationW
SHFileOperation
SHGetPathFromIDListW
advapi32
CreateServiceW
LookupAccountSidA
RegSetValueExW
RegCreateKeyA
RegCreateKeyW
CryptSignHashA
LookupPrivilegeNameA
CryptExportKey
RegLoadKeyW
RegEnumKeyW
CryptEnumProvidersW
LookupAccountNameW
CryptSetProviderW
LookupPrivilegeValueW
RegDeleteKeyW
CryptVerifySignatureW
RegSetValueW
RegOpenKeyA
Sections
.text Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 140KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ