45cb1b27bca88a8be4a24cb7cfe5c780_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45cb1b27bca88a8be4a24cb7cfe5c780_JaffaCakes118
Size

215KB
MD5

45cb1b27bca88a8be4a24cb7cfe5c780
SHA1

b6b32fa97fb4f8ca82b71fd8cfe51391b95026f0
SHA256

1eb2a34536612a90e99f8a1610ca1142be5e5972c9f7e88b796d62fe8c4847d6
SHA512

2ba038c6ec42965e98ba8eb29de10dd90eb37dde7176b77f846057048263d0af78d8e9cf303a9768c58a705d2e5e5657bab25d32cf658953f38a3749f748af33
SSDEEP

3072:15fTEoGe4DmzUA3XG/1f7OaFaEzwhtucaIHqTFYPHEa9JZe7XtFRAZPMf+HpsE3f:T3Sm6xOiX2tuFIKTFoHf907RAif++nxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45cb1b27bca88a8be4a24cb7cfe5c780_JaffaCakes118

Files

45cb1b27bca88a8be4a24cb7cfe5c780_JaffaCakes118
.exe windows:4 windows x86 arch:x86

472ceb21d139cd1bddc559c4fc19863b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegDeleteKeyA
RegSetValueExA
OpenProcessToken
RegEnumValueW
RegQueryValueExA
RegQueryInfoKeyA
RegQueryValueExW
RegEnumKeyA
RegDeleteValueW
RegEnumKeyW
RegEnumValueA
RegCreateKeyA
RegSetValueExW
RegOpenKeyA
RegDeleteKeyW
LookupPrivilegeValueA
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyW
RegDeleteValueA

kernel32

FileTimeToSystemTime
GetStringTypeA
HeapDestroy
GetStringTypeW
SetHandleCount
GlobalLock
HeapSize
GetDriveTypeA
GetFullPathNameA
TlsAlloc
ReadFile
GetLocalTime
GetEnvironmentStringsA
DeleteCriticalSection
RtlUnwind
InterlockedIncrement
SetFileTime
TlsGetValue
GetStdHandle
FormatMessageW
FreeLibrary
RemoveDirectoryA
GetModuleFileNameW
FindClose
RaiseException
SetEndOfFile
GetFileType
DeleteFileA
GetUserDefaultLCID
SetFilePointer
GlobalUnlock
GetUserDefaultLangID
MultiByteToWideChar
lstrcmpiA
GetCPInfo
GetVersion
IsDBCSLeadByte
CompareStringA
LeaveCriticalSection
SetEnvironmentVariableA
SetLastError
VirtualQuery
SetStdHandle
LoadLibraryW
GetTimeZoneInformation
WideCharToMultiByte
LockFile
GetLastError
LCMapStringW
HeapFree
FreeEnvironmentStringsA
GetVolumeInformationA
GetStartupInfoA
GetCurrentDirectoryA
FindNextFileA
HeapReAlloc
GetComputerNameA
HeapAlloc
InterlockedDecrement
CloseHandle
GetEnvironmentStrings
GetLocaleInfoW
IsValidCodePage
GetModuleFileNameA
WriteFile
FlushFileBuffers
SetCurrentDirectoryA
CreateDirectoryA
CompareStringW
SetErrorMode
IsBadReadPtr
GlobalFree
GlobalAlloc
LCMapStringA
FindFirstFileA
CreateFileA
TlsSetValue
GetFileTime
VirtualFree
HeapCreate
UnlockFile
FileTimeToLocalFileTime
GetTickCount
FreeEnvironmentStringsW
SetLocalTime
GetLocaleInfoA
GetFileAttributesA
GetCurrentProcess
GetCommandLineA
SetFileAttributesA

ole32

BindMoniker
CoDisconnectObject
CoGetMalloc
CreateBindCtx
CoCreateInstance
MkParseDisplayName
CoGetClassObject

user32

CharUpperBuffA
UnhookWindowsHookEx
CharToOemA
WaitForInputIdle
SetWindowsHookExW
GetKeyboardLayout
AttachThreadInput
CharLowerBuffW
SetKeyboardState
GetForegroundWindow
MessageBeep
SetForegroundWindow
IsWindowVisible
GetWindowThreadProcessId
SetFocus
GetWindowTextA
keybd_event
GetWindow
SendMessageA
FindWindowA
CallNextHookEx
LoadStringA
VkKeyScanW
CharUpperBuffW
GetAsyncKeyState
GetKeyboardState
GetFocus
CharLowerBuffA
FindWindowW
OemToCharA
IsWindowEnabled
VkKeyScanA
GetSystemMetrics
SetWindowsHookExA

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

472ceb21d139cd1bddc559c4fc19863b

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 63KB - Virtual size: 63KB

.rdata Size: 24KB - Virtual size: 23KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 63KB - Virtual size: 63KB

.rdata
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 3KB - Virtual size: 2KB