n:\spceo\inboasbttv\kxzaouhbss\xab
Static task: static1
Behavioral task: behavioral1
Sample: 2449cc6a691ac4cdcd43ba8b1a873f25_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2449cc6a691ac4cdcd43ba8b1a873f25_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 2449cc6a691ac4cdcd43ba8b1a873f25_JaffaCakes118
Size: 1.5MB
MD5: 2449cc6a691ac4cdcd43ba8b1a873f25
SHA1: b08fd7b8614a4088c5e08f03c2ceda79a4953468
SHA256: 1341a084cfc0be4482c55238c11f1140951f941efe267d53c0391fb131b44f97
SHA512: 60e7222999bbbfb75bc8d9420ff425e6b10b6b470f33a802d07c38c397bc644472313820767ade075a719869250edabf7fbd2b8b2095e6912dded8fbcfb7bb99
SSDEEP: 24576:jGMNeBthfmiiT6k0f23uafqfbjKfl5Df8Mbsni29jZK/g+d0o9OficX:nIiT6kqfeHDf8MbsXKo+vgf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2449cc6a691ac4cdcd43ba8b1a873f25_JaffaCakes118
Files
2449cc6a691ac4cdcd43ba8b1a873f25_JaffaCakes118.exe windows:4 windows x86 arch:x86
7d5f454562a2b56c6eb08adc2ac1c2fc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shell32
DuplicateIcon
DragQueryFileW
comdlg32
ChooseColorA
GetSaveFileNameA
GetSaveFileNameW
user32
SetDlgItemInt
DestroyWindow
GetSubMenu
DdeClientTransaction
CreateCursor
DefDlgProcA
CreateWindowExW
ShowWindowAsync
RegisterClassA
ShowWindow
RegisterClassExA
DefWindowProcA
MessageBoxW
GetLastActivePopup
GetKBCodePage
ShowScrollBar
ActivateKeyboardLayout
kernel32
ExitProcess
MultiByteToWideChar
RtlUnwind
ReadFile
DeleteFileW
LCMapStringA
GetVersion
CreateMutexA
HeapReAlloc
TerminateProcess
GetOEMCP
GetProcAddress
GetEnvironmentStringsW
GetLocaleInfoA
GetCPInfo
GetLocalTime
WritePrivateProfileStructW
SetStdHandle
InterlockedExchange
ExpandEnvironmentStringsW
SetFilePointer
GetStringTypeA
EnumCalendarInfoExW
GetACP
CompareStringW
FlushFileBuffers
HeapCreate
GetModuleFileNameA
CloseHandle
GetCurrentThread
TlsGetValue
InitializeCriticalSection
HeapDestroy
GetSystemTime
DeleteCriticalSection
SetConsoleCP
LeaveCriticalSection
GetTickCount
GetFullPathNameW
InterlockedDecrement
OpenMutexA
FreeEnvironmentStringsW
GetEnvironmentStrings
FindResourceExW
UnhandledExceptionFilter
VirtualAlloc
GetCurrentThreadId
GetStartupInfoA
SetCriticalSectionSpinCount
LocalFlags
GetStringTypeW
InterlockedIncrement
QueryPerformanceCounter
GetStdHandle
GetModuleHandleA
GlobalReAlloc
HeapFree
SetLastError
VirtualFree
LCMapStringW
GetLastError
GetFileType
TlsSetValue
CreateWaitableTimerW
SetHandleCount
CreateWaitableTimerA
CompareStringA
OpenSemaphoreA
FreeEnvironmentStringsA
VirtualQuery
SetEnvironmentVariableA
TlsFree
LoadLibraryA
WriteFile
EnterCriticalSection
GetCurrentProcessId
GetCurrentProcess
WideCharToMultiByte
GetSystemTimeAsFileTime
HeapAlloc
IsBadWritePtr
RemoveDirectoryW
lstrcmpiW
TlsAlloc
GetTimeZoneInformation
GetCommandLineA
comctl32
CreatePropertySheetPageA
ImageList_SetFlags
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_Draw
ImageList_SetIconSize
advapi32
CryptSetProviderA
RegCreateKeyExA
CryptSetProviderExW
RegLoadKeyA
LookupPrivilegeDisplayNameA
CreateServiceA
DuplicateTokenEx
RegLoadKeyW
RegQueryValueW
LookupSecurityDescriptorPartsA
DuplicateToken
CryptSetProviderExA
CryptSetProviderW
CryptVerifySignatureA
RegQueryValueExW
Sections
.text Size: 126KB - Virtual size: 125KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 251KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ