f6d15504a46af71219da853c8b00a579_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f6d15504a46af71219da853c8b00a579_JaffaCakes118
Size

525KB
MD5

f6d15504a46af71219da853c8b00a579
SHA1

b247825ec2d15d716b2060cd961e462c5bb18953
SHA256

715a8ac3f018ceb09bf55f739d2b1157df4d2f325a3c9a1c779b775452c90856
SHA512

ea247075ed1fcdc9ceec2d5dea30ea0ff77d8c223cf2ba2cc008f45c2b17d017c87a2a74e26f41cfbffe8294f6097b24c3b129322be616eb0068951e4e6b24ea
SSDEEP

12288:0IoXd+U0BwKDzA/z1Hjw1I09JeAT7iSpBwx+6j5KM:AXIUcwSCz1j0B7peXx3K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6d15504a46af71219da853c8b00a579_JaffaCakes118

Files

f6d15504a46af71219da853c8b00a579_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ece327497bbb4eb62644d726d8d0741

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\TOE\GBE\QYEPO\SOEEFJ.PDB

Imports

comctl32

InitCommonControlsEx

kernel32

SetEnvironmentVariableA
TlsGetValue
GetEnvironmentStringsW
WaitForSingleObject
EnumSystemLocalesA
LCMapStringA
GetCurrentProcessId
QueryPerformanceCounter
HeapSize
FreeEnvironmentStringsW
GetFileType
GetStartupInfoW
InterlockedExchange
CompareStringW
GetConsoleOutputCP
SetHandleCount
GetFileAttributesA
InitializeCriticalSection
LoadLibraryA
GetModuleFileNameA
VirtualQuery
GetFileAttributesExW
GetCurrentThread
GetStringTypeW
GetProcAddress
EnterCriticalSection
IsValidLocale
VirtualProtect
WriteConsoleW
DeleteCriticalSection
OpenMutexA
WideCharToMultiByte
GetDateFormatA
SetConsoleCtrlHandler
GetPrivateProfileStringW
CompareStringA
InterlockedDecrement
UnhandledExceptionFilter
InterlockedIncrement
MultiByteToWideChar
HeapDestroy
lstrlen
GetCPInfo
GetEnvironmentStrings
WriteConsoleA
CreateFileA
SetStdHandle
CreateSemaphoreW
GetSystemTimeAsFileTime
TransmitCommChar
CreateMutexA
HeapFree
WriteProfileSectionW
SetFilePointer
GetConsoleCP
VirtualAlloc
GetNamedPipeHandleStateA
FreeEnvironmentStringsA
TlsSetValue
GetTimeFormatA
IsValidCodePage
GetLastError
GetTickCount
GetProcessHeap
Sleep
GetModuleHandleA
WriteConsoleOutputCharacterW
GetOEMCP
GetStdHandle
HeapCreate
SetLastError
GetStartupInfoA
GetVersionExA
VirtualFree
FlushFileBuffers
GetUserDefaultLCID
CreateWaitableTimerW
GetLocaleInfoW
GetStringTypeA
FreeLibrary
TlsAlloc
WaitCommEvent
RtlUnwind
GetCurrentThreadId
TlsFree
GetTimeZoneInformation
LocalShrink
LCMapStringW
GetLocaleInfoA
GetConsoleMode
WriteFile
HeapReAlloc
GetACP
GetModuleFileNameW
TerminateProcess
LeaveCriticalSection
CloseHandle
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
ReadFile
IsDebuggerPresent
GetCommandLineW
ExitProcess
FormatMessageA
HeapAlloc
SetUnhandledExceptionFilter
GetCurrentProcess
GetCommandLineA

advapi32

CryptEnumProviderTypesA
RegQueryMultipleValuesW
RegRestoreKeyA
RegQueryValueExA
RegDeleteKeyW
CryptGetDefaultProviderA
CryptVerifySignatureW
CryptHashData
CryptSetProvParam
RegNotifyChangeKeyValue
CryptImportKey
StartServiceW

user32

CallMsgFilterW
SetUserObjectInformationA
ShowScrollBar
PostMessageA
RegisterClassA
GetDCEx
DdeAddData
DrawIcon
VkKeyScanA
BringWindowToTop
OemToCharA
EqualRect
DdeKeepStringHandle
GetCursorInfo
RegisterClassExA
LoadIconA
SetProcessWindowStation
InsertMenuA
TabbedTextOutW
DialogBoxIndirectParamA

comdlg32

ReplaceTextW

Sections

.text
Size: 343KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ece327497bbb4eb62644d726d8d0741

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 343KB - Virtual size: 342KB

.rdata Size: 66KB - Virtual size: 84KB

.data Size: 106KB - Virtual size: 106KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 343KB - Virtual size: 342KB

.rdata
Size: 66KB - Virtual size: 84KB

.data
Size: 106KB - Virtual size: 106KB

.rsrc
Size: 8KB - Virtual size: 8KB