1828296cbcea909ce3953f85bc5d2b71_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1828296cbcea909ce3953f85bc5d2b71_JaffaCakes118
Size

596KB
MD5

1828296cbcea909ce3953f85bc5d2b71
SHA1

98be67d5d3a233602d68ac397437f0c48abdcd2d
SHA256

4a082b34a98639bae4b8a956c5e6c381be8aaf0e17d9bd7d8c336de8fac412cc
SHA512

0581cb1df678fa0166a9e0432ba8ad3d8ea7848ec1224d409c1a8ceefe16101f44677e99c8a84906de7de4a0dab2bb90b3ebaa9d1263b427a62c7c63f281732d
SSDEEP

12288:XFP42WP2Q7MzrWfvbEOfLU4NNAOhckVf9QteCRfXUX8OcoSoZIm7xMee9uvNBDN+:NNWPNgSEODU4YOhZo/0ooSI17xdo+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1828296cbcea909ce3953f85bc5d2b71_JaffaCakes118

Files

1828296cbcea909ce3953f85bc5d2b71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d891e166b6eb53db94fbdda5bfbf7b45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\hte\tueeslef\deqevata\cgeo\letbo

Imports

kernel32

GetLocalTime
VirtualFree
CreateMutexA
MapViewOfFile
GetStringTypeA
HeapCreate
TerminateProcess
GetDateFormatW
MultiByteToWideChar
CreateFileA
SetHandleCount
VirtualQuery
GetSystemTimeAsFileTime
GetDriveTypeA
LCMapStringA
GlobalFix
LocalCompact
LCMapStringW
HeapAlloc
CreateWaitableTimerA
CompareStringW
CreateRemoteThread
GetCurrentProcessId
GetTimeZoneInformation
SetThreadContext
GetTickCount
GetCPInfo
ReadConsoleInputA
GetModuleHandleA
SetThreadAffinityMask
UnhandledExceptionFilter
GetStartupInfoA
InterlockedDecrement
FlushFileBuffers
GetEnvironmentStringsW
GetModuleFileNameA
LocalFree
IsBadWritePtr
GetEnvironmentStrings
GetCommandLineW
FreeEnvironmentStringsW
HeapFree
DeleteCriticalSection
WriteFile
SetFilePointer
HeapDestroy
GetCurrentThread
TlsGetValue
SetLastError
GetModuleFileNameW
TlsAlloc
GetCurrentThreadId
GetCommandLineA
GetEnvironmentVariableW
GetStartupInfoW
GlobalAddAtomA
InterlockedIncrement
GetProcAddress
GetVersion
ReadFile
WritePrivateProfileSectionW
QueryPerformanceCounter
GetStdHandle
IsValidLocale
WideCharToMultiByte
GetSystemTime
GetStringTypeW
DuplicateHandle
GetLastError
EnterCriticalSection
CloseHandle
LoadLibraryA
GetFullPathNameW
SetEnvironmentVariableA
ExitProcess
OpenMutexA
TlsFree
GetFileType
InterlockedExchange
RtlUnwind
FreeEnvironmentStringsA
HeapReAlloc
InitializeCriticalSection
SetStdHandle
TlsSetValue
GetCalendarInfoA
GetCurrentProcess
VirtualAlloc
CompareStringA
FindNextChangeNotification
LeaveCriticalSection
GlobalHandle
FileTimeToDosDateTime

comdlg32

PageSetupDlgW
GetOpenFileNameA
PrintDlgW
ChooseColorW

comctl32

InitCommonControlsEx
ImageList_SetBkColor
CreateMappedBitmap
ImageList_BeginDrag
ImageList_SetIconSize
ImageList_SetFilter
ImageList_Read
ImageList_DragEnter
ImageList_GetIconSize
DrawStatusText
ImageList_SetOverlayImage

user32

LoadCursorW
DrawMenuBar
wsprintfW
GetMenu
AdjustWindowRect
GetWindowLongA
CheckMenuItem
DdeSetUserHandle
SwitchToThisWindow
MessageBoxW
DestroyIcon
PtInRect
GetWindowContextHelpId
SetClipboardData
SetCaretPos
RegisterClassA
CallWindowProcA
RegisterClassExA
SetWinEventHook
InSendMessageEx
RegisterClassW
GetMessagePos
GetClipboardFormatNameW
DefFrameProcA
GetClassLongW
InsertMenuItemW
EnableScrollBar
DrawFrame
GetWindow
DrawFrameControl
MessageBoxA
SetWindowPlacement
UnregisterClassA
AdjustWindowRectEx
AnyPopup
FindWindowExA
EnumWindows
BroadcastSystemMessageW
GetCapture
MonitorFromPoint
SwitchDesktop
FreeDDElParam
GetWindowRect
TabbedTextOutA
IsClipboardFormatAvailable
CloseWindowStation
WinHelpW
LoadKeyboardLayoutA
CreateDesktopA
CharNextExA
UpdateWindow
GetWindowTextW
TileWindows
DdeClientTransaction
IsZoomed
GetClipCursor
TranslateMDISysAccel
SetWindowContextHelpId
SetWindowsHookW
GetWindowInfo
CharToOemA
CreateCaret
EnumDisplaySettingsExW
DdeQueryConvInfo
GetDlgItem
EnumPropsExA
CreateMDIWindowA

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d891e166b6eb53db94fbdda5bfbf7b45

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

comctl32

user32

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 244KB - Virtual size: 242KB

.data Size: 108KB - Virtual size: 129KB

.rsrc Size: 108KB - Virtual size: 104KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 244KB - Virtual size: 242KB

.data
Size: 108KB - Virtual size: 129KB

.rsrc
Size: 108KB - Virtual size: 104KB