PDB Path: c:\izeekq\evydouty.PDB
Static task: static1
Behavioral task: behavioral1
Sample: 1958cda83427c9b750910b0af4c85029_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 1958cda83427c9b750910b0af4c85029_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
- Target: 1958cda83427c9b750910b0af4c85029_JaffaCakes118
- Size: 469KB
- MD5: 1958cda83427c9b750910b0af4c85029
- SHA1: d264bb65ca45e104754407e1682d19e870b2d4f0
- SHA256: bd075e2b400758170afc0089bf66a46cce6056fec37847261d5ecf8c9be0451d
- SHA512: 272b69c5d6ce47d86cf45f5dca4391597ec3cc57098a49e55e7c1d596a639af27b93217cfcc3cd15d9ae96bce836314f8fdef5fbdeac5ddf7991b672af9d2fe0
- SSDEEP: 12288:nRqUMSoh5ozTr+xqlGvvUb4FIN7165M+0pPfDhEWnT:RKhuf+xqlGvMxw5M+mDGi
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 1958cda83427c9b750910b0af4c85029_JaffaCakes118
Files
- 1958cda83427c9b750910b0af4c85029_JaffaCakes118.exe windows:4 windows x86 arch:x86
  f1b38f997719df3d57a81ae262730242
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
user32
GetMenuState
DdeReconnect
wvsprintfW
SwitchToThisWindow
GetUpdateRgn
EnumPropsExW
SetDoubleClickTime
EndMenu
ValidateRgn
GetLastActivePopup
AdjustWindowRect
GetMessagePos
ShowScrollBar
LoadKeyboardLayoutW
DdeCreateStringHandleA
DefDlgProcW
ShowWindow
CreateWindowExA
SendNotifyMessageA
MessageBoxA
CallMsgFilter
TrackPopupMenu
RegisterClassExA
RegisterClassA
DrawAnimatedRects
ChildWindowFromPointEx
IsRectEmpty
advapi32
LookupAccountNameW
RegReplaceKeyA
RegLoadKeyA
RegSetKeySecurity
RegEnumValueW
LookupPrivilegeDisplayNameA
LookupSecurityDescriptorPartsW
InitiateSystemShutdownW
InitiateSystemShutdownA
CryptAcquireContextW
CryptGetDefaultProviderA
AbortSystemShutdownA
RegQueryValueA
RevertToSelf
CryptGetUserKey
CryptGenRandom
CryptSetKeyParam
LookupAccountSidA
InitializeSecurityDescriptor
CryptSetProviderA
CreateServiceA
RegOpenKeyW
CryptSetHashParam
LookupAccountNameA
comctl32
InitCommonControlsEx
shell32
SHGetDiskFreeSpaceA
SHInvokePrinterCommandW
SheGetDirA
kernel32
LeaveCriticalSection
GetLocaleInfoW
GlobalSize
FreeEnvironmentStringsW
IsValidCodePage
FindFirstFileW
GetTimeFormatA
GetProcAddress
UnhandledExceptionFilter
GetSystemTimeAsFileTime
SetConsoleTitleA
VirtualFree
EnumSystemLocalesA
GetLocalTime
ExpandEnvironmentStringsA
SetHandleCount
VirtualAlloc
FreeEnvironmentStringsA
GetACP
CreateMutexA
GetEnvironmentStringsW
GetCurrentProcess
RtlUnwind
FindResourceExW
GetThreadPriority
VirtualProtect
InitializeCriticalSection
TlsFree
IsBadWritePtr
InterlockedExchange
HeapFree
GetSystemInfo
GetConsoleCP
WriteConsoleOutputA
GetCommandLineA
CloseHandle
GetLocaleInfoA
GetCalendarInfoW
IsValidLocale
FreeResource
SetEnvironmentVariableA
EnterCriticalSection
GetModuleHandleA
GetCurrentThread
WideCharToMultiByte
WriteFile
GetCurrentProcessId
OpenMutexA
HeapReAlloc
SetStdHandle
GetTickCount
GetDateFormatA
HeapSize
TlsSetValue
CompareStringW
LoadLibraryA
QueryPerformanceCounter
ExitProcess
UnlockFile
GetUserDefaultLCID
HeapAlloc
CompareStringA
GetCPInfo
GetLastError
GetVersionExA
GetOEMCP
GetUserDefaultLangID
VirtualQuery
ReadFile
GetPriorityClass
SetLastError
LCMapStringA
GetStdHandle
LCMapStringW
GetEnvironmentStrings
lstrcpyn
GetStringTypeA
CreateWaitableTimerA
GetTimeZoneInformation
GetStartupInfoA
DeleteCriticalSection
HeapCreate
SetFilePointer
TerminateProcess
GetFileType
GetCurrentThreadId
GetModuleFileNameA
TlsAlloc
FlushFileBuffers
TlsGetValue
GetStringTypeW
MultiByteToWideChar
HeapDestroy
Sections
- .text Size: 283KB - Virtual size: 283KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 68KB - Virtual size: 99KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 100KB - Virtual size: 100KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 16KB - Virtual size: 16KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ