f8bed1c83d0bdac53de759f580a2369b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f8bed1c83d0bdac53de759f580a2369b_JaffaCakes118
Size

572KB
MD5

f8bed1c83d0bdac53de759f580a2369b
SHA1

b31cd375d576fd4581c3bd665546c057584baf04
SHA256

1afa38bd44b83115d92e5dca935316ba30083d7920527d671ac178cdd096a19d
SHA512

c417ab4aaa987ff7225b89180c8068162f60eff3ae07516b969936f88e779e4f53c8773d701e30e8281eeaef6a1f13f536ba3fd95e06929192a0deaa81a7465e
SSDEEP

12288:osuwtQyOqkv+QfTWBXmNqhGd7OF0+mFFqIHAJHEUCmRn5:3uwOtqkNDNqUBdDVgJHEUx5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8bed1c83d0bdac53de759f580a2369b_JaffaCakes118

Files

f8bed1c83d0bdac53de759f580a2369b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11893279ee1fa1894e63e2db32058898

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ogve\hjmfv\rtnetuaavg\tbh\sxsa

Imports

kernel32

ReleaseMutex
MultiByteToWideChar
WideCharToMultiByte
GetSystemTimeAsFileTime
GetConsoleMode
UnhandledExceptionFilter
InitializeCriticalSection
EnumDateFormatsExA
GetUserDefaultLangID
SetHandleCount
SetLastError
EnterCriticalSection
VirtualAlloc
ReadFile
VirtualQuery
LeaveCriticalSection
CloseHandle
InterlockedExchange
SetConsoleActiveScreenBuffer
SetFilePointer
CreateMutexA
GetCommandLineW
InterlockedIncrement
GetCurrentThread
CompareStringA
GetModuleFileNameW
LCMapStringA
GetDiskFreeSpaceA
CreateDirectoryExA
GetStringTypeA
LoadLibraryA
DeleteCriticalSection
GetSystemTime
ReadConsoleOutputCharacterA
SetComputerNameW
InterlockedDecrement
GetEnvironmentStringsW
GetModuleFileNameA
WriteProfileStringW
GetVersion
SetFileAttributesW
FreeEnvironmentStringsA
IsBadWritePtr
TerminateProcess
GetLastError
GetShortPathNameW
GetCurrentThreadId
GetDiskFreeSpaceExA
lstrcpynW
TlsSetValue
VirtualFreeEx
LocalUnlock
TlsGetValue
GetModuleHandleA
TlsAlloc
RtlUnwind
GlobalAlloc
OpenMutexA
QueryPerformanceCounter
HeapReAlloc
SetEnvironmentVariableA
GetCurrentProcessId
GetLocalTime
GetTimeZoneInformation
GetStdHandle
GlobalFree
GetProcAddress
GetTickCount
HeapCreate
GetCurrentProcess
GetEnvironmentStrings
GetStartupInfoA
HeapDestroy
LoadResource
GetStartupInfoW
GetCPInfo
FlushFileBuffers
FindNextFileW
SetFileAttributesA
GetCommandLineA
VirtualFree
CompareStringW
TlsFree
GetThreadSelectorEntry
GetStringTypeW
SetStdHandle
WaitNamedPipeW
GetPrivateProfileStringW
GetFileType
GetTempPathW
WriteFile
HeapFree
FreeEnvironmentStringsW
ExitProcess
LCMapStringW
HeapAlloc

gdi32

PathToRegion
CreateMetaFileA
CreatePen
EnableEUDC
SelectClipPath
SetICMMode
GetFontLanguageInfo
GetObjectW
AddFontResourceW
CreateDCA
SelectObject
RemoveFontResourceW
UnrealizeObject
GetMetaFileA
GetBkColor
PlayEnhMetaFileRecord
GetCharWidthW
GetAspectRatioFilterEx
CreateScalableFontResourceW
GetDeviceCaps
GetCharABCWidthsA
DeleteDC

shell32

SheChangeDirExW
SHAppBarMessage
SHChangeNotify
SHFreeNameMappings

advapi32

LogonUserA
RegConnectRegistryW
CryptDuplicateHash
CryptGenKey
LookupAccountSidA
RevertToSelf
RegSaveKeyW
CryptEnumProvidersW
RegEnumKeyExW
RegSetValueExA
LookupSecurityDescriptorPartsA
ReportEventA
CryptSetHashParam
RegEnumKeyW
CryptGetDefaultProviderA
LookupAccountSidW
LookupAccountNameA

user32

LoadKeyboardLayoutA
GetWindowRgn
GetScrollInfo
UnpackDDElParam
WINNLSGetEnableStatus
DdeCreateStringHandleW
DefWindowProcA
DdeCreateDataHandle
GetUpdateRect
GetSystemMenu
GetNextDlgTabItem
CreateWindowExA
TrackPopupMenu
RegisterWindowMessageA
GetDlgCtrlID
GetShellWindow
TrackMouseEvent
AppendMenuA
OpenIcon
AnimateWindow
GetMenuState
GetPropW
GetCaretPos
SendNotifyMessageW
DdeCmpStringHandles
RegisterClassExA
DestroyWindow
ChangeDisplaySettingsExW
VkKeyScanExA
ArrangeIconicWindows
CloseClipboard
IsMenu
EnumClipboardFormats
MessageBoxA
SetMenuInfo
EnumDesktopWindows
GetDlgItemTextA
GetGuiResources
LoadAcceleratorsA
DdeConnectList
SetMenuDefaultItem
GetCaretBlinkTime
WINNLSEnableIME
EndTask
SetFocus
DdeReconnect
SetClassLongA
SetWindowTextA
CreatePopupMenu
ActivateKeyboardLayout
GetWindowThreadProcessId
InternalGetWindowText
SetWindowLongA
SetLastErrorEx
ShowWindow
CheckMenuItem
SetSysColors
GetWindowContextHelpId
CreateMDIWindowA
RemoveMenu
UnregisterClassW
FlashWindowEx
RegisterClassA
VkKeyScanExW
GetCursorPos

comctl32

InitCommonControlsEx
GetEffectiveClientRect
CreatePropertySheetPage
DestroyPropertySheetPage
ImageList_GetImageCount
ImageList_DrawEx
ImageList_AddIcon
ImageList_GetBkColor
ImageList_EndDrag
DrawStatusTextA
ImageList_LoadImageW
CreateStatusWindowA
ImageList_GetImageRect
CreatePropertySheetPageW
CreateToolbarEx
ImageList_SetImageCount
ImageList_DragShowNolock
CreateMappedBitmap
ImageList_GetDragImage
CreatePropertySheetPageA

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11893279ee1fa1894e63e2db32058898

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

shell32

advapi32

user32

comctl32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 116KB - Virtual size: 119KB

.rsrc Size: 52KB - Virtual size: 50KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 116KB - Virtual size: 119KB

.rsrc
Size: 52KB - Virtual size: 50KB