07e2a353889b8c3c0efc3792152fb002_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07e2a353889b8c3c0efc3792152fb002_JaffaCakes118
Size

345KB
MD5

07e2a353889b8c3c0efc3792152fb002
SHA1

2a7c11909dfa26ef5e8efdafe361443bde6ecea9
SHA256

0ec6886d231d0be6e203d68d8f514eb64ba3319b400fff542b1ffe45843b62db
SHA512

7808071e77ea70352b3193b5e97a3f60cd5104f0dd03b50f498257f2474cdd6c77a1ed597c2bb675405ef860cc4f4e650833b4e5e834dfaa193f49ac1f03cb28
SSDEEP

6144:vdtwlJHs6RByKnhdvyUpWZ8KPzfMwD0SJD4hdbsr:vdtwlRbzjHOPPzEwD0AD4/sr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e2a353889b8c3c0efc3792152fb002_JaffaCakes118

Files

07e2a353889b8c3c0efc3792152fb002_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1e68cea6b3c4871ad14833c4592ae5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\aoe\krdcy

Imports

comdlg32

LoadAlterBitmap
ChooseColorW

kernel32

GetFileType
GetLocalTime
LeaveCriticalSection
TlsSetValue
IsBadWritePtr
HeapCreate
GetStartupInfoA
GetProcAddress
WriteFile
GetOEMCP
GlobalGetAtomNameW
InitializeCriticalSection
TlsGetValue
SetStdHandle
TlsAlloc
VirtualAlloc
GetModuleHandleA
TerminateProcess
SetFilePointer
IsValidCodePage
CreateMutexA
LCMapStringA
UnhandledExceptionFilter
InterlockedDecrement
DeleteCriticalSection
GetCPInfo
InterlockedExchange
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
HeapReAlloc
CloseHandle
GetEnvironmentStringsW
CompareStringW
GetVersion
GetCurrentThread
CompareStringA
GetCommandLineA
lstrcmpW
GetCurrentThreadId
FlushFileBuffers
GetCurrentProcess
ExitProcess
SetHandleCount
GetLastError
OpenMutexA
SetConsoleCP
InterlockedIncrement
GetModuleFileNameA
GetPrivateProfileSectionNamesA
GetTimeZoneInformation
ReadFile
GetSystemTime
GetThreadPriority
SetTimeZoneInformation
RaiseException
HeapAlloc
GetCurrentProcessId
GetACP
GetStringTypeW
HeapDestroy
SetEnvironmentVariableA
GetEnvironmentStrings
GetStringTypeA
EnterCriticalSection
HeapFree
VirtualQuery
RtlUnwind
GetSystemTimeAsFileTime
VirtualFree
TlsFree
WideCharToMultiByte
LCMapStringW
SetLastError
GetStdHandle
QueryPerformanceCounter
LoadLibraryA
GetTickCount

comctl32

ImageList_GetImageInfo
DrawStatusText
ImageList_Remove
InitCommonControlsEx
InitMUILanguage
ImageList_Read
ImageList_DragMove
ImageList_GetDragImage
ImageList_BeginDrag
ImageList_Replace

wininet

FindFirstUrlCacheEntryA
GetUrlCacheEntryInfoExA
InternetInitializeAutoProxyDll
InternetAlgIdToStringW
InternetGetLastResponseInfoA
SetUrlCacheEntryGroupA
SetUrlCacheConfigInfoA
FindNextUrlCacheGroup
InternetQueryOptionW

shell32

SheGetDirA
SHInvokePrinterCommandA
SHQueryRecycleBinW
SHGetPathFromIDListW

user32

DdeAccessData
SetWinEventHook
CreateWindowExW
TabbedTextOutA
TranslateMDISysAccel
TabbedTextOutW
RegisterClassA
DestroyWindow
SetProcessDefaultLayout
DefWindowProcA
UnhookWindowsHookEx
MessageBoxA
GetClassInfoA
ShowWindow
IsCharLowerW
AnyPopup
RegisterClassExA
MonitorFromPoint
CopyAcceleratorTableA
SetMenuItemInfoW

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1e68cea6b3c4871ad14833c4592ae5f

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

comctl32

wininet

shell32

user32

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 11KB - Virtual size: 15KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 74KB - Virtual size: 73KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 11KB - Virtual size: 15KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 74KB - Virtual size: 73KB