19c0caa17d42cbe8daf3a719162f9029_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19c0caa17d42cbe8daf3a719162f9029_JaffaCakes118
Size

376KB
MD5

19c0caa17d42cbe8daf3a719162f9029
SHA1

1b9ba7e70d0a760bf0fa5128e1c2e02002058b38
SHA256

ff320f0b61995e082cbd8674b070323f59524851f05da4901591d6cccdf61d19
SHA512

a4332f75b9e38e248b8a76d7dc09e5a2a04b7c2eccab047c774fd9620504325e5beb71d61372f886ff262f5040c1f8e3fa3afe8b8268fb6d7e45b71c2d3b81f5
SSDEEP

6144:OssoBMOFPs/L517ncFVC1caNUPRlH+jZPQ4lDTQ/ZlvrSofREC7D60n27HcKNiHg:OssoBZlMLP7ncFsDQL+jRdlDTQRlv+AM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19c0caa17d42cbe8daf3a719162f9029_JaffaCakes118

Files

19c0caa17d42cbe8daf3a719162f9029_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e8f4c950feb7241e6916f071a1a9c60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\otho\eeqptro\yeeksil\tganyffse\iehoro

Imports

comctl32

ImageList_BeginDrag
ImageList_SetIconSize
DrawStatusTextW
CreatePropertySheetPage
ImageList_GetFlags
ImageList_AddMasked
CreatePropertySheetPageA
ImageList_SetFlags
GetEffectiveClientRect
InitMUILanguage
InitCommonControlsEx
CreateStatusWindowW
ImageList_DrawEx
MakeDragList
_TrackMouseEvent
DrawInsert
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_AddIcon
ImageList_SetDragCursorImage
ImageList_Create
ImageList_LoadImageA

kernel32

SetFilePointer
GetModuleFileNameA
GetStringTypeW
UnhandledExceptionFilter
VirtualProtect
TlsFree
HeapSize
TlsGetValue
GetStdHandle
GetCurrentThreadId
GetOEMCP
VirtualQuery
IsValidLocale
TerminateProcess
MultiByteToWideChar
GetLocaleInfoA
EnterCriticalSection
EnumSystemLocalesA
LCMapStringW
MapViewOfFile
GetVersionExA
LoadLibraryA
GetEnvironmentStrings
GetTimeZoneInformation
ReadFile
GetSystemInfo
lstrcpynA
GetModuleFileNameW
TlsSetValue
FreeEnvironmentStringsA
HeapAlloc
GetProfileSectionW
GetModuleHandleA
HeapDestroy
HeapCreate
TlsAlloc
GetTickCount
VirtualFree
CompareStringA
SetLastError
GetUserDefaultLCID
GetDateFormatA
GetEnvironmentStringsW
DeleteCriticalSection
GetCurrentProcessId
GetStringTypeA
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
IsValidCodePage
LCMapStringA
FreeEnvironmentStringsW
InterlockedExchange
GetTimeFormatA
GetPrivateProfileStringW
LeaveCriticalSection
CompareStringW
FlushFileBuffers
GetFileType
HeapFree
InitializeCriticalSection
WriteFile
QueryPerformanceCounter
HeapReAlloc
GetCommandLineA
SetStdHandle
GetCPInfo
SetEnvironmentVariableA
IsBadWritePtr
OpenMutexA
CloseHandle
GetStartupInfoW
GetStartupInfoA
InterlockedDecrement
GetCommandLineW
GetACP
GetLocaleInfoW
GetLastError
GetProcAddress
WideCharToMultiByte
GetCurrentProcess
SetHandleCount
GetCurrentThread
CreateMutexA
VirtualAlloc

user32

VkKeyScanW
PostMessageW
CascadeWindows
DispatchMessageW
VkKeyScanA
RegisterClassA
SendNotifyMessageA
IsClipboardFormatAvailable
LoadCursorFromFileA
CharToOemA
UnionRect
InvertRect
DdeDisconnectList
GetCapture
DestroyWindow
EnableScrollBar
ClipCursor
RegisterClassExA
GetIconInfo
CreateDialogParamW
SetClassLongA
SetDlgItemTextA

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e8f4c950feb7241e6916f071a1a9c60

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 221KB - Virtual size: 220KB

.rdata Size: 15KB - Virtual size: 34KB

.data Size: 87KB - Virtual size: 86KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 221KB - Virtual size: 220KB

.rdata
Size: 15KB - Virtual size: 34KB

.data
Size: 87KB - Virtual size: 86KB

.rsrc
Size: 51KB - Virtual size: 51KB