fd3824e5f6115e31288b3e28b86d94ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd3824e5f6115e31288b3e28b86d94ac_JaffaCakes118
Size

552KB
MD5

fd3824e5f6115e31288b3e28b86d94ac
SHA1

1a3b5ae320c1fb798309bfb9ac5b3d1c1d8afd88
SHA256

d135d72e4fde70085df3753b20349395096f097edaf935793036eac8a14d6094
SHA512

4cb9fb2be84b63adcee8cc0d9e618a89f1f0dde46c455c2e44de0b8d7f8dffe444deec33d3ae99ca8bd2f10765e31f82fae47f8d61c90defeec05bb37e17f3d4
SSDEEP

12288:IbP4vyQI5/YjYYgr9PtFxxVgEwh4arU+3zHZ/Cfqbe7NsPvU:urQeg/H0q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd3824e5f6115e31288b3e28b86d94ac_JaffaCakes118

Files

fd3824e5f6115e31288b3e28b86d94ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3976a69b8603345f2563337f74752829

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\gshorkxetr\emco\keuetd\aojhqke\sqgbo\dtjetfoi.PDB

Imports

user32

RegisterClassA
SetMenuDefaultItem
DdeQueryConvInfo
RegisterClassExA
LoadMenuIndirectW
MonitorFromWindow
GetKeyboardType
GetUpdateRgn

comctl32

InitCommonControlsEx

shell32

FindExecutableA
SHFileOperationW
SHFormatDrive
ExtractAssociatedIconExW

comdlg32

PageSetupDlgA
PrintDlgW
FindTextW

wininet

InternetGoOnline
ShowSecurityInfo
RunOnceUrlCache
HttpCheckDavCompliance
FindFirstUrlCacheEntryExA
DeleteUrlCacheEntryW

kernel32

GetEnvironmentStringsW
VirtualAlloc
GetDiskFreeSpaceA
SetConsoleTitleA
HeapSize
GetComputerNameA
GetStartupInfoW
HeapFree
GetModuleFileNameW
HeapDestroy
RtlUnwind
EnumDateFormatsW
IsBadWritePtr
IsValidCodePage
HeapReAlloc
TlsAlloc
GetCurrentThread
GetNumberFormatA
ExitProcess
GetSystemTimeAsFileTime
GetStringTypeA
GlobalGetAtomNameA
CloseHandle
SetFilePointer
GetStartupInfoA
GetCommandLineA
GetModuleHandleA
GetFileType
UnhandledExceptionFilter
GetCurrentProcess
GetCommandLineW
EnterCriticalSection
MultiByteToWideChar
GetDateFormatA
FreeEnvironmentStringsA
GetSystemInfo
GetLastError
TlsFree
InterlockedExchange
TerminateProcess
GetEnvironmentStrings
CompareStringA
GetACP
TlsGetValue
GetTickCount
SetHandleCount
QueryPerformanceCounter
GetModuleFileNameA
SetLastError
InitializeCriticalSection
CreateMutexA
SetEnvironmentVariableA
WriteFile
GetCurrentThreadId
ConnectNamedPipe
GetTimeZoneInformation
LoadLibraryA
IsValidLocale
GetUserDefaultLCID
GetTimeFormatA
DeleteCriticalSection
GetProcAddress
FlushFileBuffers
CreateDirectoryW
lstrcmpiA
GetCPInfo
LCMapStringA
GetCurrentProcessId
VirtualProtect
HeapCreate
GetStringTypeW
GetStdHandle
ReadFile
TlsSetValue
GetOEMCP
FreeEnvironmentStringsW
WideCharToMultiByte
SetStdHandle
VirtualFree
GetVersionExA
VirtualQuery
LCMapStringW
HeapAlloc
GetLocaleInfoW
CompareStringW
GetLocaleInfoA
EnumSystemLocalesA
OpenMutexA
LeaveCriticalSection

advapi32

RegSetValueA
InitializeSecurityDescriptor
CryptDeriveKey
LookupPrivilegeDisplayNameW
AbortSystemShutdownA
CryptExportKey
CryptGetUserKey
CryptHashSessionKey
CryptContextAddRef
LookupAccountNameW
CryptReleaseContext
RegQueryMultipleValuesW
InitiateSystemShutdownA
RegCreateKeyW
RegSetKeySecurity
RegEnumKeyExA
RegSaveKeyW
RegNotifyChangeKeyValue
RegQueryMultipleValuesA
RegSaveKeyA
LookupAccountNameA

Sections

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3976a69b8603345f2563337f74752829

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

shell32

comdlg32

wininet

kernel32

advapi32

Sections

.text Size: 362KB - Virtual size: 362KB

.rdata Size: 61KB - Virtual size: 81KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 362KB - Virtual size: 362KB

.rdata
Size: 61KB - Virtual size: 81KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 22KB - Virtual size: 21KB