JaffaCakes118_0e45bb7e9b72f6a086d214bb909dff31

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0e45bb7e9b72f6a086d214bb909dff31
Size

272KB
MD5

0e45bb7e9b72f6a086d214bb909dff31
SHA1

0cee0e9cdb888697d65b2870c6a82f5a5d6c9b73
SHA256

56cfb43f4adc4ce0aa4a23144ac49f48a2d8e23a7439e67a47b5c2785847c4b9
SHA512

5784c8985ca08cc116899de33867ef9e1528f69dcd1636ae077fb315f006e226fbbdd087e79808cea044298e44ad590c15a20e6bcdfa00e3119a3a39d9e9745e
SSDEEP

6144:9wuxFVr9Bn4UKlz2FXbqIXuvafJ7tEUGUj4owvcI05zn:9woVr9t4UE2FXbYyduUGUkaI0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0e45bb7e9b72f6a086d214bb909dff31

Files

JaffaCakes118_0e45bb7e9b72f6a086d214bb909dff31
.exe windows:4 windows x86 arch:x86

1a3476c8317b142bcc620248f4c6ecd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

UnloadUserProfile

advapi32

RegEnumValueW
RegQueryInfoKeyW
GetLengthSid
OpenProcessToken
RegEnumKeyExW
RegOpenKeyExW
OpenThreadToken
IsValidSid
GetTokenInformation
RegCloseKey
RegQueryValueExW
CopySid
EqualSid

ole32

CoCreateInstance
CoRevertToSelf
CoGetCallContext
CoImpersonateClient

shlwapi

StrRetToStrW

user32

UnregisterClassA
CharUpperBuffW
wsprintfW
GetWindowLongW

oleaut32

SysAllocStringLen
SafeArrayLock
SafeArrayUnlock
SysStringLen
VarBstrCmp
SysStringByteLen
LoadTypeLi
VariantClear
SafeArrayGetLBound
SysFreeString
SysAllocString
VariantInit
VariantCopy
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayCreate
VarBstrCat
SafeArrayRedim
SafeArrayCopy
SafeArrayDestroy
SafeArrayGetVartype
LoadRegTypeLi
VariantCopyInd

kernel32

HeapFree
SetLastError
GetSystemTimeAsFileTime
FindVolumeMountPointClose
HeapSize
IsDebuggerPresent
HeapReAlloc
ExpandEnvironmentStringsW
GetThreadLocale
CloseHandle
RaiseException
GetACP
FormatMessageW
EnterCriticalSection
GetCurrentThreadId
GetLogicalDrives
GetVolumeNameForVolumeMountPointW
GetModuleHandleW
GetDriveTypeW
SetUnhandledExceptionFilter
FindNextVolumeMountPointW
DeleteCriticalSection
SetThreadLocale
UnhandledExceptionFilter
FindFirstVolumeMountPointW
GetLogicalDriveStringsW
LeaveCriticalSection
QueryDosDeviceW
HeapAlloc
lstrlenW
HeapDestroy
GetProcessHeap
CreateMutexA
VirtualAlloc

shell32

SHGetDesktopFolder
SHGetMalloc

comctl32

CreateStatusWindow
ImageList_AddIcon
ImageList_DragMove
ImageList_SetFilter
ImageList_DrawIndirect
ImageList_GetFlags

modemui

UnimodemDevConfigDialog

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 229KB - Virtual size: 735KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a3476c8317b142bcc620248f4c6ecd5

Headers

File Characteristics

Imports

userenv

advapi32

ole32

shlwapi

user32

oleaut32

kernel32

shell32

comctl32

modemui

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 229KB - Virtual size: 735KB

.rsrc Size: 17KB - Virtual size: 150KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 229KB - Virtual size: 735KB

.rsrc
Size: 17KB - Virtual size: 150KB