f3dc893bb6a0dfa1be919cef471f3c12_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3dc893bb6a0dfa1be919cef471f3c12_JaffaCakes118
Size

544KB
MD5

f3dc893bb6a0dfa1be919cef471f3c12
SHA1

8c82b63999d68fad1d4aff3288bd7eadd55940e1
SHA256

009566e68ef02f6ed75b155f156547bb2fa2cb37eed1094fe59bc0e96a47ba7f
SHA512

59e685cc756d486443029de99374dc3f34ab8a15ddd460cb1f9653221839a97efa01aa1c01a9aadca7c905a16c03c1c5c43c3103191f447e6ff11d5505a7bf97
SSDEEP

12288:REwxsWvt96LoU3wx3wl6Z3tnbomV2nsFcBcq:Rffv/q0wl21czGucq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3dc893bb6a0dfa1be919cef471f3c12_JaffaCakes118

Files

f3dc893bb6a0dfa1be919cef471f3c12_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db48f6d9e7a4809fee8402490adefac3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\vnrhtqtjeh\zeeesgv\oqz\peejkehdt\qhsydg\azts.pdb

Imports

wininet

FindNextUrlCacheEntryW
FindNextUrlCacheGroup
InternetGetCertByURLA

user32

CharNextW
GetMessagePos
SetWindowsHookExW
GetWindowTextLengthA
RegisterHotKey
DestroyMenu
PostMessageA
DestroyWindow
LoadAcceleratorsW
GetWindow
MessageBeep
DefWindowProcA
ChangeMenuW
CreateIconFromResource
SetWindowPlacement
CharLowerW
SetMessageQueue
RegisterClassExA
EnumDesktopWindows
ShowWindow
GetClipCursor
GetKeyboardType
RegisterDeviceNotificationA
GetProcessDefaultLayout
DestroyCursor
GetNextDlgGroupItem
DrawMenuBar
GetKeyNameTextW
SetCursor
DrawFrameControl
GetDlgItemInt
GetMenuState
DrawFrame
RegisterClassA
CharLowerA
CreateWindowStationW
EnumDisplayMonitors
EndMenu
EnumPropsA
DrawAnimatedRects
CreateWindowExA
MessageBoxExW
DdeDisconnectList
SetActiveWindow
MessageBoxW

gdi32

GetCharWidth32W
GetTextExtentPointA
SetWinMetaFileBits
PolyBezier
SetLayout
PlayEnhMetaFile
DrawEscape
GetClipRgn
GetMetaFileW
GetEnhMetaFileA
SetDIBits
GetDeviceCaps
GetGlyphOutlineA
GetCharWidthW
SetMapperFlags
GetWindowOrgEx
TextOutA
GetGraphicsMode
CheckColorsInGamut
DeleteMetaFile
CreateColorSpaceA

comctl32

ImageList_Destroy
GetEffectiveClientRect
ImageList_Create
ImageList_Read
ImageList_Add
InitMUILanguage
ImageList_SetIconSize
InitCommonControlsEx
ImageList_EndDrag

kernel32

GetTickCount
CompareStringW
ReadFile
IsBadWritePtr
GetOEMCP
IsValidLocale
LeaveCriticalSection
SetLastError
SetHandleCount
GetCurrentProcessId
LCMapStringA
WideCharToMultiByte
FindResourceA
GetModuleFileNameA
GetSystemInfo
InterlockedExchange
OpenFile
FreeEnvironmentStringsW
FlushFileBuffers
LoadLibraryExW
GetDateFormatW
TerminateThread
CreateWaitableTimerA
GlobalUnfix
HeapCreate
CreatePipe
LocalSize
MultiByteToWideChar
FreeResource
GetStringTypeA
GetLastError
VirtualQuery
CreateMutexA
EnterCriticalSection
UnhandledExceptionFilter
GetPrivateProfileStructA
VirtualFree
DeleteCriticalSection
GetModuleHandleA
HeapDestroy
GetCommandLineA
GetCurrentThreadId
CreateProcessA
GetCPInfo
TlsGetValue
RemoveDirectoryW
ExitProcess
lstrcmpA
GetFileType
GetProcAddress
LoadLibraryA
HeapReAlloc
GetStartupInfoA
TlsFree
HeapFree
lstrlenW
GetStringTypeW
OpenMutexA
GetLocaleInfoW
WriteFileEx
SetEnvironmentVariableA
lstrcat
GetVersionExA
CreateProcessW
WriteConsoleOutputA
GetSystemTimeAsFileTime
EnumSystemLocalesA
CopyFileA
GetTimeZoneInformation
IsValidCodePage
GetStdHandle
QueryPerformanceCounter
GetProcessHeaps
VirtualAlloc
LocalAlloc
lstrcpynW
GetUserDefaultLCID
HeapAlloc
TlsSetValue
TlsAlloc
CloseHandle
GetACP
SetStdHandle
SetConsoleTitleA
GlobalFree
OpenSemaphoreW
VirtualProtect
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteFile
LCMapStringW
CompareStringA
GlobalUnlock
RtlUnwind
GetCurrentThread
GetDateFormatA
InitializeCriticalSection
GetTimeFormatA
SetWaitableTimer
GetLocaleInfoA
HeapSize
GetCurrentProcess
TerminateProcess
SetFilePointer
LocalShrink
GetEnvironmentStringsW
SetEndOfFile
GetAtomNameA

shell32

SHGetPathFromIDListA

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db48f6d9e7a4809fee8402490adefac3

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

gdi32

comctl32

kernel32

shell32

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 240KB - Virtual size: 238KB

.data Size: 120KB - Virtual size: 144KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 240KB - Virtual size: 238KB

.data
Size: 120KB - Virtual size: 144KB

.rsrc
Size: 16KB - Virtual size: 15KB