23b828a95a52d5a602053677f33f4e51_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23b828a95a52d5a602053677f33f4e51_JaffaCakes118
Size

584KB
MD5

23b828a95a52d5a602053677f33f4e51
SHA1

f68bbe1b4c282df7a82061fc4e2fdaebd6c3e8b3
SHA256

eeb5993cd358b85c6207241766c04df878183d1614e9fdf56b13a04ccca93fe4
SHA512

1cf1bc6649003e713c5ba07924fcd2ef1379218d27e31aceb09c8370adc24dc235c119c732c83189e4d7a2d645fb245bb4d6b966375c4726996cbc8555d71c11
SSDEEP

12288:364+ZKbPkGK/Wu8NUi+ijGZDWfDT+1/GD4y6pGJko4ec1x:3Y8kGK//8kqG8Sb3pGi/ec

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23b828a95a52d5a602053677f33f4e51_JaffaCakes118

Files

23b828a95a52d5a602053677f33f4e51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf9421cfb5b23c11fa96707950650be0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\IEV\EWWQABRO\JNHAPRNEEA\AYKFAAST.PDB

Imports

kernel32

EnumSystemLocalesA
GetTimeFormatA
EnumDateFormatsA
GetTickCount
GetUserDefaultLCID
VirtualAlloc
GetEnvironmentStringsW
SetHandleCount
OpenSemaphoreW
GetTimeZoneInformation
SetLastError
LCMapStringW
CloseHandle
FlushFileBuffers
SetEnvironmentVariableA
TlsGetValue
GetCurrentProcess
HeapSize
LeaveCriticalSection
ReadFile
InitializeCriticalSection
FreeEnvironmentStringsA
WideCharToMultiByte
GetCPInfo
GlobalFlags
OpenMutexA
TerminateProcess
CreateMutexA
UnhandledExceptionFilter
IsBadWritePtr
HeapDestroy
GetModuleHandleA
HeapFree
CompareStringA
QueryPerformanceCounter
LCMapStringA
MultiByteToWideChar
VirtualFree
GetModuleFileNameA
GetLocaleInfoW
HeapAlloc
GetStringTypeW
ExitProcess
GetVersionExA
VirtualProtect
GetCurrentThreadId
HeapReAlloc
GetDateFormatA
WriteFile
GetOEMCP
CreateFileW
LoadLibraryA
CompareStringW
HeapCreate
SetStdHandle
GetFileType
DeleteCriticalSection
TlsSetValue
FreeEnvironmentStringsW
SetFilePointer
EnterCriticalSection
GetSystemTimeAsFileTime
LockFile
GetLocaleInfoA
GetCurrentThread
RtlUnwind
GetEnvironmentVariableA
GetStdHandle
GetACP
VirtualQuery
InterlockedExchangeAdd
GetEnvironmentStrings
GetStringTypeA
TlsAlloc
LocalAlloc
InterlockedExchange
IsValidLocale
GetSystemInfo
IsValidCodePage
GetProcAddress
GetLastError
GetCalendarInfoA
GetCurrentProcessId
GetCommandLineA
GetStartupInfoA
TlsFree
GlobalFree
FindFirstFileA

comctl32

CreateMappedBitmap
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetDragImage
ImageList_Merge
ImageList_DragEnter
ImageList_Draw
ImageList_SetFilter
ImageList_Copy
ImageList_Read
ImageList_GetImageRect
DrawInsert
GetEffectiveClientRect
ImageList_DragLeave
ImageList_Replace
ImageList_SetFlags
CreateToolbarEx
ImageList_GetImageCount
ImageList_DrawEx
CreateStatusWindow
ImageList_GetIconSize
ImageList_AddIcon
ImageList_EndDrag
InitMUILanguage
CreatePropertySheetPageA
InitCommonControlsEx

comdlg32

PrintDlgA
ChooseColorA

user32

LoadIconA
GetDlgItem
ExcludeUpdateRgn
LoadAcceleratorsA
GetShellWindow
WINNLSEnableIME
InsertMenuItemW
RegisterClassExA
OpenDesktopA
RegisterClassA

shell32

SHFreeNameMappings

Sections

.text
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf9421cfb5b23c11fa96707950650be0

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

comdlg32

user32

shell32

Sections

.text Size: 384KB - Virtual size: 384KB

.rdata Size: 44KB - Virtual size: 54KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 50KB - Virtual size: 49KB

.text
Size: 384KB - Virtual size: 384KB

.rdata
Size: 44KB - Virtual size: 54KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 50KB - Virtual size: 49KB