e:\afjoee\nwaoc.pdb
Static task
static1
Behavioral task
behavioral1
Sample
054928445f55b7c7d775a0d8431b1c6d_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
054928445f55b7c7d775a0d8431b1c6d_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
054928445f55b7c7d775a0d8431b1c6d_JaffaCakes118
Size
568KB
MD5
054928445f55b7c7d775a0d8431b1c6d
SHA1
45cf792136a7f7a7ce92839bf2e2ffeb07a8d987
SHA256
4d84c76a28fd13f8827356e50238e439df640cfd12465c0a7435546c6739d6f3
SHA512
02c4580c3219af82e0330b61fe1f59a22595a92f6fc465e09820e0ebd95298cc2d986ca9ccab1d21e72a04be71ac6440021cf66c167be354ff7142bd5f36634d
SSDEEP
6144:Zjjafq7Ky8hKI06e1AHNTahvm2Re5kmZ+3Z5YmyyVvkwX+29dUH5ffj+c8hwPZap:ZjjaC7KDKp0TavZZh8wXG84PwsQ10
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 054928445f55b7c7d775a0d8431b1c6d_JaffaCakes118
Files
054928445f55b7c7d775a0d8431b1c6d_JaffaCakes118.exe windows:4 windows x86 arch:x86
f3453338bc3d8eb4309d9081a75a0aad
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
TerminateProcess
ReadFile
EnumDateFormatsExW
GetExitCodeThread
WriteFile
FlushFileBuffers
FreeEnvironmentStringsA
GetLocaleInfoW
CreateMutexA
ReadConsoleOutputCharacterA
HeapDestroy
GetLastError
GetOEMCP
ExitProcess
SetFilePointer
LCMapStringA
DeleteCriticalSection
HeapReAlloc
VirtualProtect
QueryPerformanceCounter
GetTimeZoneInformation
GetFullPathNameW
TlsAlloc
CloseHandle
VirtualAlloc
InitializeCriticalSection
GetCPInfo
GetStdHandle
SetLastError
UnhandledExceptionFilter
VirtualQuery
GetUserDefaultLCID
GetFileType
GetACP
FormatMessageA
EnumTimeFormatsW
HeapAlloc
VirtualFree
RtlUnwind
OpenMutexA
IsValidLocale
LCMapStringW
GetEnvironmentStrings
GetProcAddress
CompareStringA
GetTickCount
MultiByteToWideChar
HeapCreate
TlsFree
EnterCriticalSection
InterlockedExchange
GetFullPathNameA
SetHandleCount
GetCurrentThreadId
GetEnvironmentStringsW
IsValidCodePage
SetEnvironmentVariableA
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsGetValue
GetTimeFormatA
GetStringTypeW
CompareStringW
GetCommandLineA
GetVersionExA
GetDateFormatA
SetStdHandle
WideCharToMultiByte
GetStartupInfoA
GetAtomNameA
SetConsoleCursorInfo
EnumSystemLocalesA
GetLocaleInfoA
GetModuleFileNameA
HeapSize
LoadLibraryA
FreeEnvironmentStringsW
GetCurrentThread
GetCurrentProcess
OpenWaitableTimerA
IsBadWritePtr
OpenWaitableTimerW
GetSystemInfo
LeaveCriticalSection
TlsSetValue
LocalAlloc
HeapFree
SetConsoleScreenBufferSize
GetStringTypeA
GetModuleHandleA
comctl32
ImageList_DrawEx
ImageList_SetDragCursorImage
ImageList_DrawIndirect
MakeDragList
ImageList_DragMove
ImageList_GetImageInfo
DrawInsert
ImageList_DragLeave
ImageList_GetBkColor
DrawStatusTextW
InitCommonControlsEx
ImageList_Draw
ImageList_GetFlags
ImageList_BeginDrag
ImageList_Add
ImageList_ReplaceIcon
user32
ValidateRect
SetWindowsHookA
ToAsciiEx
RegisterClassExA
GetTabbedTextExtentW
MenuItemFromPoint
IsCharAlphaNumericA
RegisterClassA
SetPropW
GetMessageTime
GetWindow
EnumDesktopsA
UnregisterHotKey
DeleteMenu
OemKeyScan
IsDialogMessageA
IsDlgButtonChecked
EnumDisplayDevicesA
DestroyWindow
ShowCursor
ChangeMenuW
SetWindowRgn
GetNextDlgTabItem
IsZoomed
DefFrameProcW
CreateWindowExW
GetListBoxInfo
VkKeyScanA
DefWindowProcW
DrawTextExA
MessageBoxA
ShowWindow
Sections
.text Size: 180KB - Virtual size: 178KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ