f1ef651575f03fc9c6e3975daf602270_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f1ef651575f03fc9c6e3975daf602270_JaffaCakes118
Size

636KB
MD5

f1ef651575f03fc9c6e3975daf602270
SHA1

32b1299babaa7bfc8be78378a3f827a2493c05c1
SHA256

8f3350de2578eefa306f0e1b943824c7272ca461bfc7dbfb8fa012678704a8a5
SHA512

a450966651fb8bdf7cb10f4fd173396e00e7582245855aa19275ad914017f803255c9f245c2707bc13e84e5f7a2565fa3674b6f04cf98132394a47c97e3742da
SSDEEP

12288:S5gduN59VrhgvmY+HeovZkyrsyGb+cOFuVFC8qV6zCPFm5b5UrPHS:S5gdAjrhgwH5ZkFyRjuW+Um95Ura

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1ef651575f03fc9c6e3975daf602270_JaffaCakes118

Files

f1ef651575f03fc9c6e3975daf602270_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9947542d52082c4f9079f9727ccbb44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\DOO\EMEKTS\

Imports

kernel32

FlushFileBuffers
GetOEMCP
HeapAlloc
GetModuleHandleA
HeapReAlloc
DeleteCriticalSection
SetEnvironmentVariableA
SetConsoleCtrlHandler
VirtualAlloc
WritePrivateProfileSectionA
GetEnvironmentStringsW
GetVersionExA
CloseHandle
HeapCreate
QueryPerformanceCounter
IsValidLocale
TlsAlloc
GetUserDefaultLCID
CompareStringA
GetCurrentThread
CompareStringW
GetSystemTimeAsFileTime
GetStringTypeW
InitializeCriticalSection
RtlUnwind
GetStdHandle
GetModuleFileNameW
GetCommandLineA
GetCurrentThreadId
EnumSystemLocalesA
TlsFree
TerminateProcess
GetProcAddress
SetLastError
TlsSetValue
CreateMutexA
VirtualFree
MultiByteToWideChar
GetCurrentProcess
GlobalLock
ReadFile
WideCharToMultiByte
GetCPInfo
GetTimeFormatA
EnterCriticalSection
HeapDestroy
HeapFree
VirtualQuery
GetDateFormatA
FreeEnvironmentStringsA
SetLocalTime
VirtualProtect
SetStdHandle
UnhandledExceptionFilter
GetLastError
SetFilePointer
GetStartupInfoA
FreeEnvironmentStringsW
GetNumberFormatW
HeapSize
GetSystemInfo
GetLocaleInfoW
OpenMutexA
WriteProfileStringA
InterlockedExchange
LCMapStringA
WriteFile
SetVolumeLabelW
GetTimeZoneInformation
GetACP
IsValidCodePage
ExitProcess
LeaveCriticalSection
SetConsoleTextAttribute
GetEnvironmentStrings
GetStartupInfoW
GetModuleFileNameA
GlobalSize
IsBadWritePtr
GetTickCount
LoadLibraryA
TlsGetValue
SetHandleCount
LCMapStringW
GetLongPathNameA
lstrcat
GetCommandLineW
GetCurrentProcessId
GetStringTypeA
GetLocaleInfoA
GetFileType

user32

RegisterClassExA
RegisterClassA
CheckRadioButton
IsDlgButtonChecked
SetLastErrorEx
MessageBoxIndirectA
GetClassWord
GetQueueStatus
CheckDlgButton
TranslateMessage
OpenWindowStationW
TrackMouseEvent
EnumDisplaySettingsW
DrawFrameControl
GetWindowTextW
CharNextW
CharToOemBuffW
ShowCursor
DdeKeepStringHandle
FlashWindowEx
ExcludeUpdateRgn
GetMessageW
EndDialog
BlockInput
SendInput
DrawEdge
FlashWindow
CharLowerBuffW
GetClipboardFormatNameW

comctl32

InitCommonControlsEx
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_AddMasked
ImageList_LoadImageA
ImageList_GetFlags
ImageList_Duplicate
CreatePropertySheetPage
ImageList_SetOverlayImage
ImageList_GetIcon
ImageList_Destroy
ImageList_BeginDrag
DrawInsert
ImageList_SetImageCount
ImageList_Write
ImageList_GetImageInfo
DrawStatusTextA

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9947542d52082c4f9079f9727ccbb44

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 206KB - Virtual size: 206KB

.rdata Size: 250KB - Virtual size: 249KB

.data Size: 113KB - Virtual size: 122KB

.rsrc Size: 66KB - Virtual size: 65KB

.text
Size: 206KB - Virtual size: 206KB

.rdata
Size: 250KB - Virtual size: 249KB

.data
Size: 113KB - Virtual size: 122KB

.rsrc
Size: 66KB - Virtual size: 65KB