e9411d74b8dceed2c8da5bcc0284d136_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9411d74b8dceed2c8da5bcc0284d136_JaffaCakes118
Size

566KB
MD5

e9411d74b8dceed2c8da5bcc0284d136
SHA1

2f1aadd1393a8e3e81849dd7673a327db8faa102
SHA256

41271d1ff666d84fad0d7fcc46c2563078c1fd1dd1f2d5f4d29cd5ba86381b70
SHA512

43d14d4bfbbb000fb4b47b4869fae29a7decb71c1a6a4115c8a3a727caa3123951a35aac8f726c6a02744561c7b95f7797d207023b3b6432257cbdb2ec375b2f
SSDEEP

12288:MQ97gndyAym6AD5F7zInPtlRMF8RbhFxojYnK:BgdyAr770llKF8p7xoL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9411d74b8dceed2c8da5bcc0284d136_JaffaCakes118

Files

e9411d74b8dceed2c8da5bcc0284d136_JaffaCakes118
.exe windows:4 windows x86 arch:x86

382b636a53d9891968ad8e1e8165b3a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\uocvkr\heljaabtdb\

Imports

comctl32

InitCommonControlsEx
CreatePropertySheetPage
ImageList_EndDrag

advapi32

LookupAccountNameA
LookupAccountSidW
RegSetValueExW
InitiateSystemShutdownW
RegQueryValueExA
CryptExportKey
CryptContextAddRef
RegSetKeySecurity
CreateServiceW
CryptGetHashParam
RegQueryValueExW
RegCreateKeyExA
LookupSecurityDescriptorPartsA
LookupPrivilegeDisplayNameW
GetUserNameA
CryptAcquireContextW
RegSaveKeyW
RegEnumKeyExW
RegSaveKeyA
CryptVerifySignatureW
RegQueryInfoKeyA
RegEnumValueW
CryptHashData
RegCreateKeyExW
CryptDestroyHash

user32

GetWindowDC
GetClassInfoA
ShowWindow
SetCursor
DefWindowProcA
CreateWindowExW
RegisterClassA
RegisterClassExA
DestroyWindow
MessageBoxW

kernel32

FreeEnvironmentStringsA
GetVersionExA
GetCurrentThread
GetStringTypeA
MoveFileA
GetProcessHeap
SetLastError
GetTimeFormatW
CreateMutexA
GetDateFormatA
GetConsoleMode
GetModuleFileNameA
InterlockedIncrement
QueryPerformanceCounter
GetLocaleInfoW
GetStartupInfoA
GetOEMCP
InitializeCriticalSection
TlsSetValue
HeapAlloc
MultiByteToWideChar
GetTickCount
GetStdHandle
HeapCreate
ReadConsoleA
UnhandledExceptionFilter
TlsFree
FlushFileBuffers
GetCurrentProcess
HeapSize
GetProcAddress
RaiseException
EnterCriticalSection
GetACP
LeaveCriticalSection
VirtualFree
GetDiskFreeSpaceW
WriteConsoleOutputAttribute
MapViewOfFile
OpenWaitableTimerA
HeapDestroy
IsValidLocale
OpenMutexA
TerminateProcess
Sleep
GetModuleHandleA
GetUserDefaultLCID
GetLocaleInfoA
SetHandleCount
IsValidCodePage
HeapFree
RtlUnwind
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
LoadLibraryA
SetEnvironmentVariableA
GetCommandLineA
TlsGetValue
FindNextChangeNotification
ExitProcess
IsDebuggerPresent
GetDateFormatW
LCMapStringA
CreateFileA
GetConsoleCP
SetFilePointer
SetUnhandledExceptionFilter
LCMapStringW
SetStdHandle
GetEnvironmentStringsW
CompareStringW
GetTimeZoneInformation
DeleteCriticalSection
GetSystemTimeAsFileTime
GetSystemDefaultLangID
InterlockedDecrement
TlsAlloc
GetCurrentThreadId
CompareStringA
GetCPInfo
GetEnvironmentStrings
SetConsoleCtrlHandler
ReadFile
SetConsoleTitleA
VirtualQuery
EnumTimeFormatsA
GetTimeFormatA
EnumCalendarInfoW
HeapReAlloc
GetConsoleScreenBufferInfo
EnumSystemLocalesA
FreeLibrary
VirtualAlloc
GetLastError
WriteFile
WriteConsoleA
FreeEnvironmentStringsW
GetCurrentProcessId
CloseHandle
GetStringTypeW
GetFileType
InterlockedExchange

shell32

ExtractIconExA
SHAddToRecentDocs
SHFormatDrive

gdi32

SetFontEnumeration
GetStretchBltMode
GdiSetBatchLimit
ResetDCW
CreateBitmapIndirect
GetWindowExtEx
Rectangle
Pie
ExtTextOutW
CreatePolyPolygonRgn
SetLayout
GetObjectW
CreateHatchBrush
GetTextExtentPoint32A
EnableEUDC
SelectPalette
CancelDC

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 221KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

382b636a53d9891968ad8e1e8165b3a2

Headers

File Characteristics

PDB Paths

Imports

comctl32

advapi32

user32

kernel32

shell32

gdi32

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 221KB - Virtual size: 229KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 41KB - Virtual size: 40KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 221KB - Virtual size: 229KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 41KB - Virtual size: 40KB