ed6e2a14621d33dc992ea2ab17102ba1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ed6e2a14621d33dc992ea2ab17102ba1_JaffaCakes118
Size

376KB
MD5

ed6e2a14621d33dc992ea2ab17102ba1
SHA1

32b23a9242204bbc7b54dc764d06a59cbca88065
SHA256

8897357df051446be4e760ff124cd8ed5d3b7fd2f133d5577c954bcce1bf8fca
SHA512

0c5fdbc28f0e8e102098056807f695897a8477580e6ca75bc5e8af4f0e720caa334a9fec2a38b70a4a166cf271f5489edbe2dac90554ded15089c7ca720d24a5
SSDEEP

6144:sw3Hqg6I4KS56LZ8PgnDbIE/dZRm0MEzDpv/wXZWviQvoNVFd9FqaKe14Rzp5gwr:t3qg61OMgXIQdZjpzDpv/gEvjQr9Fqa8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed6e2a14621d33dc992ea2ab17102ba1_JaffaCakes118

Files

ed6e2a14621d33dc992ea2ab17102ba1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38adf59be3fda68b5430b073f56a79ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\shssxyyjee\jwuheets\mjcdeaq\uj

Imports

comctl32

ImageList_SetIconSize
ImageList_SetBkColor
ImageList_GetFlags
ImageList_GetImageCount
CreateStatusWindowW
ImageList_EndDrag
CreateStatusWindowA
ImageList_Copy
CreateUpDownControl
ImageList_LoadImageA
InitCommonControlsEx

kernel32

EnterCriticalSection
GetPriorityClass
WriteConsoleOutputCharacterA
SetConsoleTextAttribute
HeapDestroy
OpenEventA
QueryPerformanceCounter
GetConsoleOutputCP
GetStdHandle
EnumCalendarInfoExA
WaitForSingleObject
GetModuleFileNameW
RtlUnwind
ContinueDebugEvent
SetLastError
WriteConsoleOutputA
WritePrivateProfileStructA
GetTimeZoneInformation
UnhandledExceptionFilter
HeapFree
SetSystemTime
GetProcessHeaps
GetPrivateProfileSectionNamesW
IsBadWritePtr
GetCurrentThreadId
GetStringTypeA
RaiseException
EnumSystemLocalesW
LCMapStringW
TlsAlloc
InitializeCriticalSection
GetCurrentProcess
UnlockFile
ConvertDefaultLocale
GetSystemTimeAsFileTime
SetStdHandle
MultiByteToWideChar
lstrcmpiW
HeapReAlloc
LocalFlags
FreeResource
CreateMutexA
TlsSetValue
GetCurrencyFormatW
GetExitCodeThread
FreeEnvironmentStringsA
WriteProfileStringA
HeapCreate
GetStartupInfoW
GetProcAddress
VirtualUnlock
DeleteFileA
SetComputerNameA
OpenMutexA
CompareStringA
GetPrivateProfileIntW
FlushFileBuffers
VirtualQuery
GetStartupInfoA
ExitProcess
GlobalGetAtomNameA
TlsGetValue
GetLastError
DeleteCriticalSection
GetCommandLineW
ReadFile
WriteFile
GetProcAddress
GetProfileStringA
GetLocalTime
InterlockedIncrement
GetCurrentThread
TlsFree
DuplicateHandle
WriteProfileSectionA
FindNextFileW
WideCharToMultiByte
GlobalFlags
GetEnvironmentStringsW
GetEnvironmentStringsA
LoadLibraryA
GlobalAddAtomW
VirtualAlloc
SetEnvironmentVariableA
GetTickCount
GetEnvironmentStrings
GetFileType
FormatMessageW
FreeEnvironmentStringsW
LeaveCriticalSection
SetLocalTime
GetCurrentProcessId
GetLocaleInfoW
LCMapStringA
GetCPInfo
GetModuleHandleA
InterlockedDecrement
HeapAlloc
lstrlenW
SleepEx
VirtualFree
SetHandleCount
RemoveDirectoryA
CreateNamedPipeW
TerminateProcess
InterlockedCompareExchange
GetProcessAffinityMask
GetModuleFileNameA
Sleep
FillConsoleOutputCharacterA
WaitNamedPipeW
AddAtomW
InterlockedExchange
GetMailslotInfo
CloseHandle
GetLocaleInfoA
SetFilePointer
GetFileAttributesExW
GetSystemTime
GetTimeFormatW
GetCommandLineA
CompareStringW
WaitForSingleObjectEx
GetPrivateProfileStringW
SetThreadAffinityMask
ResumeThread
GetStringTypeW
GetVersion

user32

CreateWindowExW
GetFocus
DestroyWindow
MessageBoxA
EnumChildWindows
GetClipboardData
DefWindowProcA
RegisterClassA
DrawStateW
ShowWindow
GetLastActivePopup
DrawTextA
RegisterClassExA
GetPriorityClipboardFormat
SetFocus
BroadcastSystemMessageW
CopyIcon
LoadBitmapW
GetKeyNameTextW
IsWindowEnabled
GetOpenClipboardWindow
GetDoubleClickTime
IsDialogMessage
RedrawWindow
GetMenuDefaultItem
CascadeChildWindows

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38adf59be3fda68b5430b073f56a79ad

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 72KB - Virtual size: 68KB

.data Size: 92KB - Virtual size: 120KB

.rsrc Size: 96KB - Virtual size: 92KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 72KB - Virtual size: 68KB

.data
Size: 92KB - Virtual size: 120KB

.rsrc
Size: 96KB - Virtual size: 92KB