05d4b1e0e784bae745839c453e6cb3e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

05d4b1e0e784bae745839c453e6cb3e1_JaffaCakes118
Size

514KB
MD5

05d4b1e0e784bae745839c453e6cb3e1
SHA1

82bba81c2b28bd03b28dc9a86b5da9e4520e6080
SHA256

8ef130a901480c5763a451c603c23613f9163dc40f05280914cfb654df7b1829
SHA512

fbb53e5a767e8996bf41219f84e1c750fa07aad71dfa808443a2458c0f3f7cc8a28f82fefaf335387b482f9dd36a1581ad81200470c46469a603eb57807f4612
SSDEEP

12288:KowqqE+QIHqxTM9pZPouZ1TrdXPIt5Nqi03C/vZFWCWKByt:K1q9+DHqxTM9pZgurdXG5Ed3CJFWCWuy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05d4b1e0e784bae745839c453e6cb3e1_JaffaCakes118

Files

05d4b1e0e784bae745839c453e6cb3e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d43c8b9eb6b1eac58eb82c60ed35db2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\doxerfb\eeboaaa\voeeq\pqaexd.pdb

Imports

comctl32

InitCommonControlsEx

kernel32

GetEnvironmentStrings
GetWindowsDirectoryW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
MultiByteToWideChar
SetUnhandledExceptionFilter
WriteFile
lstrcpynA
HeapDestroy
IsValidCodePage
CreateToolhelp32Snapshot
DeleteCriticalSection
GetModuleFileNameW
FreeEnvironmentStringsW
IsValidLocale
GetLocaleInfoA
LCMapStringW
CompareStringW
TlsFree
GetStartupInfoW
LeaveCriticalSection
GetFileType
GetUserDefaultLCID
GetCurrentProcessId
GetTickCount
TlsSetValue
LCMapStringA
ReadFile
ExitProcess
EnumSystemLocalesA
GetDateFormatA
CompareStringA
GetCurrentThreadId
FlushFileBuffers
DeleteFileA
OpenMutexA
GetLastError
SetEnvironmentVariableA
GetOEMCP
GetACP
GetProcAddress
DuplicateHandle
LocalAlloc
GetUserDefaultLangID
GetFileAttributesExW
WideCharToMultiByte
VirtualAlloc
RtlUnwind
VirtualQuery
EnterCriticalSection
GetCurrentProcess
VirtualFree
EnumSystemLocalesW
GetCPInfo
LoadLibraryA
GetCurrentThread
HeapLock
TlsAlloc
CreateMutexA
CloseHandle
FreeEnvironmentStringsA
CopyFileExA
GetStartupInfoA
QueryPerformanceCounter
GetCommandLineA
GetConsoleMode
GetCommandLineW
VirtualProtect
TlsGetValue
HeapCreate
HeapReAlloc
CompareFileTime
GetStringTypeA
SetLastError
TerminateProcess
HeapFree
GetStdHandle
SetHandleCount
IsBadWritePtr
InitializeCriticalSection
GetTimeZoneInformation
UnhandledExceptionFilter
GetTimeFormatA
SetFilePointer
GetFileAttributesExA
GetEnvironmentStringsW
GetExitCodeProcess
HeapAlloc
WaitNamedPipeA
HeapSize
GetVersionExA
GetLocaleInfoW
GetStringTypeW
SetCurrentDirectoryA
GetModuleHandleA
LocalUnlock
InterlockedExchange
SetStdHandle

user32

GetKeyboardLayoutNameA
IsWindowUnicode
ChangeDisplaySettingsExW
EnumWindowStationsW
DdeClientTransaction
RegisterClassExA
LoadKeyboardLayoutA
EnumDisplayMonitors
CharUpperW
ScrollDC
RegisterClassA
GetProcessWindowStation
GetDC
ToUnicodeEx
GetAltTabInfo

Sections

.text
Size: 341KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d43c8b9eb6b1eac58eb82c60ed35db2

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 341KB - Virtual size: 340KB

.rdata Size: 37KB - Virtual size: 61KB

.data Size: 105KB - Virtual size: 104KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 341KB - Virtual size: 340KB

.rdata
Size: 37KB - Virtual size: 61KB

.data
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 29KB - Virtual size: 29KB