464cae5f892a0e6f4df8bf0e93b3414a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

464cae5f892a0e6f4df8bf0e93b3414a_JaffaCakes118
Size

143KB
MD5

464cae5f892a0e6f4df8bf0e93b3414a
SHA1

3b1e9383f11312030daa37412a2f59cf16e93b68
SHA256

e3a2d1e292ac09e73d319dcc56006e8c274877f7b34f83c790bf174c6d5f7555
SHA512

67ddd51ab61d5114375bfd4508ca3d7f649cd337a2eb86e5e9561b50e3ad4f5a776b670cfd7e37b0a99b52e84b497b0f161f365b26aab4afd153eded502d3257
SSDEEP

3072:MTDshWPbQ5WpDqIqOvVB8jzgxrfO1F4LK58wONe:+7MWZqM8jzgJsF6K5rOo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
464cae5f892a0e6f4df8bf0e93b3414a_JaffaCakes118

Files

464cae5f892a0e6f4df8bf0e93b3414a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bceab40512d0e061d7790a5818086184

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_vsnwprintf
wcslen
memset

shlwapi

PathIsContentTypeA
StrStrIA
ord157
StrCmpNIW
SHRegGetUSValueA

shell32

ord192
ord73

kernel32

lstrcpyA
PulseEvent
SetupComm
HeapAlloc
SetMailslotInfo
SetHandleInformation
GetProfileStringW
BackupSeek
WriteProfileStringW
SetFileShortNameW
ReadFileScatter
GetExitCodeProcess
lstrcpynW
ReleaseSemaphore
GetHandleInformation
MoveFileW
FindClose
MoveFileA
EnumResourceNamesA
CloseHandle
GetCurrentProcessId
ResetWriteWatch
lstrcmpiW
LoadLibraryA
GetProcAddress
GetTimeZoneInformation
GetWindowsDirectoryA
PeekNamedPipe
FormatMessageW
_lcreat
CompareFileTime
FileTimeToDosDateTime
WriteFileGather

user32

PostMessageW
EnumPropsExA
TranslateAcceleratorW
EnumPropsW
EndPaint
IsWindowVisible
CreateDialogParamW
GetDCEx
GetKeyboardState
CharLowerW
CharPrevA
DlgDirSelectExA
CopyImage
GetMenuDefaultItem
GetMenuCheckMarkDimensions
BeginPaint
SetPropW
GetScrollBarInfo
TranslateMessage
LoadAcceleratorsW
GetWindowTextA
ScrollDC
GetAltTabInfoA
PeekMessageW
ReleaseDC
ScrollWindow
GetComboBoxInfo
SetWindowTextA
DispatchMessageW
GetParent
GetDC
GetPropW
GetWindowRgn

gdi32

ModifyWorldTransform
SetBoundsRect
OffsetClipRgn
GetWorldTransform
SetTextColor
LineTo
GetCharABCWidthsA
CreateBitmap
SetWindowExtEx
GetTextCharset
DescribePixelFormat
SetDIBitsToDevice
DeleteDC
GetBitmapBits
GetTextMetricsW
FillRgn

advapi32

InitializeSid
GetSidLengthRequired
GetSidSubAuthority
EqualSid
PrivilegedServiceAuditAlarmA

Exports

Exports

__GetModuleFileName@12
__ValidateRgn@12

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TEMP
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pedata
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bceab40512d0e061d7790a5818086184

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.code Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 228B

TEMP Size: 3KB - Virtual size: 3KB

.pedata Size: 1024B - Virtual size: 592B

.rsrc Size: 126KB - Virtual size: 126KB

.reloc Size: 1024B - Virtual size: 802B

.text
Size: 1KB - Virtual size: 1KB

.code
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 228B

TEMP
Size: 3KB - Virtual size: 3KB

.pedata
Size: 1024B - Virtual size: 592B

.rsrc
Size: 126KB - Virtual size: 126KB

.reloc
Size: 1024B - Virtual size: 802B