fd1b5a72808294d98b0ebb07e23fc862_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fd1b5a72808294d98b0ebb07e23fc862_JaffaCakes118
Size

612KB
MD5

fd1b5a72808294d98b0ebb07e23fc862
SHA1

9a99fde31284cb0b0d4158930795d51c2f683332
SHA256

dc70b98c6eed3f9184c8660147b4842385108cde87f736ab328f943f3b7468c3
SHA512

a4e9d71d393faf7306fdde2ad6059c83473cd17bfbe67643189c228c857bba12c70fe0e6f0f5a50a2385b7ab5de88950e4676cd05e76551d3b387798490c6447
SSDEEP

12288:SK51fyz1QqtXlldhCGV1p8aB7dnQsmyBBmPn9JJYHXnQ6g3y5hsRQiMSpMKVPT2b:Kp8aldnVmyWfjJYHXQ93q6LJMw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd1b5a72808294d98b0ebb07e23fc862_JaffaCakes118

Files

fd1b5a72808294d98b0ebb07e23fc862_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7f093992264649d7589d78e962493e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\zqerovux.pdb

Imports

comctl32

ImageList_BeginDrag
InitCommonControlsEx
ImageList_SetImageCount

kernel32

LeaveCriticalSection
UnhandledExceptionFilter
LCMapStringW
FlushFileBuffers
OutputDebugStringA
IsValidCodePage
FreeEnvironmentStringsW
GetLocaleInfoA
SystemTimeToFileTime
CreateMutexA
GetVersionExA
GetOEMCP
TerminateProcess
IsBadReadPtr
EnterCriticalSection
InterlockedIncrement
SetHandleCount
SetStdHandle
GetLongPathNameA
WriteProfileStringA
GetCurrentThread
GetSystemTimeAsFileTime
WritePrivateProfileStringW
GetTimeFormatA
WriteFile
GetSystemDefaultLangID
CompareStringW
GetStartupInfoW
ExpandEnvironmentStringsW
SetConsoleTitleW
GetCurrentThreadId
GetACP
WriteProfileStringW
TlsSetValue
ExitProcess
GetFileType
TransmitCommChar
DebugBreak
SetConsoleActiveScreenBuffer
VirtualProtect
GetThreadContext
GetCurrentProcess
WideCharToMultiByte
EnumSystemLocalesA
DeleteCriticalSection
GetModuleFileNameA
GetTimeZoneInformation
lstrlen
ReadFile
HeapCreate
WaitForMultipleObjects
GetDateFormatA
TlsGetValue
InterlockedDecrement
GetCPInfo
QueryPerformanceCounter
TransactNamedPipe
GetStdHandle
HeapDestroy
CreateWaitableTimerA
MultiByteToWideChar
GetFullPathNameW
IsValidLocale
SystemTimeToTzSpecificLocalTime
GetLogicalDrives
GetStartupInfoA
GetEnvironmentVariableA
GetEnvironmentStrings
TlsAlloc
CompareStringA
WaitNamedPipeA
GetTimeFormatW
WaitCommEvent
GetProcAddress
CreatePipe
SetConsoleCtrlHandler
WriteProfileSectionA
GetStringTypeA
HeapFree
FreeEnvironmentStringsA
InterlockedExchange
GetCommandLineA
GetSystemInfo
GetThreadPriority
GetStringTypeW
GetExitCodeProcess
SetLastError
HeapAlloc
GetEnvironmentStringsW
lstrcpynW
SetEnvironmentVariableA
lstrcpynA
GetSystemDirectoryA
SetFilePointer
GetVolumeInformationA
OpenMutexA
HeapValidate
LoadLibraryA
TlsFree
VirtualFree
GetLastError
LCMapStringA
GetCurrentProcessId
TerminateThread
VirtualAlloc
GetTickCount
GetCommandLineW
CloseHandle
RtlUnwind
InitializeCriticalSection
IsBadWritePtr
GetLocaleInfoW
GetModuleFileNameW
SetConsoleMode
SetVolumeLabelW
GetModuleHandleA
VirtualQuery
HeapReAlloc
GetUserDefaultLCID

gdi32

PathToRegion
SaveDC
GetObjectType
GetTextCharsetInfo
CreateHalftonePalette
GetCharacterPlacementW
GetMapMode
StrokePath
SetPolyFillMode
ResizePalette
EnumFontFamiliesExW
PolyBezier
PolyTextOutA
CreatePolyPolygonRgn
RectInRegion
UpdateICMRegKeyA
CreateHatchBrush

user32

OffsetRect
LoadImageA
SendIMEMessageExW
DdeKeepStringHandle
GetMessagePos
IsChild
LoadMenuA
GetClassInfoExA
DispatchMessageA
SwapMouseButton
CopyAcceleratorTableW
PeekMessageA
TrackMouseEvent
GetMenuItemInfoA
DestroyCursor
wsprintfA
OpenDesktopA
SetDebugErrorLevel
ChildWindowFromPointEx
SetClassWord
DdeQueryStringW
ImpersonateDdeClientWindow
GetMenuInfo
RegisterClassA
DlgDirSelectExW
WINNLSGetIMEHotkey
SetClipboardViewer
EnumPropsW
GetWindow
GetMenuItemRect
SetThreadDesktop
DdeUninitialize
DragDetect
MapDialogRect
DefMDIChildProcA
RegisterClassExA
GetDoubleClickTime
CreateMDIWindowW
BroadcastSystemMessage
GetWindowWord
ValidateRect
LoadBitmapW
EnumDisplayDevicesA
GetKeyboardLayout
DrawEdge
GetLastActivePopup

shell32

SHFileOperationW
SHAppBarMessage
SHGetNewLinkInfo
SHGetPathFromIDListW
DoEnvironmentSubstA

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7f093992264649d7589d78e962493e3

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

gdi32

user32

shell32

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 108KB - Virtual size: 123KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 108KB - Virtual size: 123KB

.rsrc
Size: 40KB - Virtual size: 38KB