186cb82c0c37f3d876de25e35a3bd0f4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

186cb82c0c37f3d876de25e35a3bd0f4_JaffaCakes118
Size

491KB
MD5

186cb82c0c37f3d876de25e35a3bd0f4
SHA1

0d3cf6cc5b4a0dfb0385e1602da7b1e0d99eb149
SHA256

0a7b846b9c10bf5a2cda52c0181a6e89975997f6479c5a953201d37e91f5bd40
SHA512

08c1d1c3ae3a3bd854445c21273d28c3cbcbb235820421b6804be7ae7c4b16a8ed5b6f85b56cd66c8ee676894cd2b5c35b2fa6f1d43cc65037d4f5d7abd62dc8
SSDEEP

12288:lDTEfZvubnZSWUZ5PA+otWJoIPTpMQsttik2iP5oQ:lDQfZWzZSDZ5IIoIPT2pgk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
186cb82c0c37f3d876de25e35a3bd0f4_JaffaCakes118

Files

186cb82c0c37f3d876de25e35a3bd0f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95f3be8a12e5e5d30a7108aae18466d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\jvipxqosva\ehy

Imports

comdlg32

PrintDlgA
PrintDlgW

kernel32

CloseHandle
GetStartupInfoW
GetCPInfo
WriteFile
InitializeCriticalSection
GetCommandLineA
ExitProcess
FlushFileBuffers
LeaveCriticalSection
UnhandledExceptionFilter
GetStringTypeA
FreeEnvironmentStringsA
GetModuleHandleA
TlsGetValue
GetTimeZoneInformation
GetVersion
IsBadWritePtr
HeapCreate
GetSystemTimeAsFileTime
SetEnvironmentVariableA
CreateMutexA
QueryPerformanceCounter
HeapDestroy
FreeEnvironmentStringsW
CompareStringW
GetModuleFileNameA
VirtualQuery
RtlUnwind
SetStdHandle
LoadLibraryA
SetHandleCount
LCMapStringW
GetCurrentThreadId
GetSystemTime
CompareStringA
ReadFile
OpenMutexA
SetLastError
GetModuleFileNameW
GetCommandLineW
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStringTypeW
GetProcAddress
TerminateProcess
TlsFree
EnterCriticalSection
InterlockedExchange
SetFilePointer
MultiByteToWideChar
VirtualFree
GetCurrentProcess
HeapFree
GetEnvironmentStringsW
GetStdHandle
TlsAlloc
HeapReAlloc
VirtualAlloc
GetCurrentThread
InterlockedDecrement
GetTickCount
InterlockedIncrement
HeapAlloc
WideCharToMultiByte
GetCurrentProcessId
GetLastError
GetModuleHandleW
GetLocalTime
LCMapStringA
GetEnvironmentStrings
TlsSetValue

user32

HideCaret
GetMenu
GetDlgItem
ShowWindow
CreateDesktopW
VkKeyScanA
CallNextHookEx
MessageBoxA
RegisterClassExA
DestroyWindow
IsRectEmpty
CreateWindowExW
CreateDialogIndirectParamW
RegisterClassA
GetKeyboardState
CharToOemBuffA
DefWindowProcW

comctl32

ImageList_Draw
CreateStatusWindowA
ImageList_GetDragImage
ImageList_SetFilter
ImageList_GetImageRect
ImageList_DragShowNolock
ImageList_Copy
ImageList_SetOverlayImage
ImageList_SetFlags
CreateToolbar
DrawStatusText
ImageList_Destroy
ImageList_LoadImageA
InitCommonControlsEx
ImageList_DragMove
ImageList_DragLeave
ImageList_Merge

Sections

.text
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95f3be8a12e5e5d30a7108aae18466d1

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

user32

comctl32

Sections

.text Size: 305KB - Virtual size: 304KB

.rdata Size: 56KB - Virtual size: 69KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 305KB - Virtual size: 304KB

.rdata
Size: 56KB - Virtual size: 69KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 27KB - Virtual size: 26KB