248cd6487ae38ab6e58bff300123af3e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

248cd6487ae38ab6e58bff300123af3e_JaffaCakes118
Size

564KB
MD5

248cd6487ae38ab6e58bff300123af3e
SHA1

1cf45cd341acdaabb620a856149d9a782b0994e9
SHA256

33755601c37ebc4d11f85ecbe3b851b589801c29e6c2130322f0320700a2be9c
SHA512

749977b1fe5e2248927700ec1d8ca12a9f3312f3f7ce76d3fd1fe2bc25701e863f0a4ffbd3018698811c0ca58a3dee69c0c4578c30531c538169626a5074eff2
SSDEEP

12288:oIKMA9r0Q3poaNydIVO4SzFKdlhw0zZAAeR2stQOXQoK:ozMA9r0Q3p30CzSRuzmv2o+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
248cd6487ae38ab6e58bff300123af3e_JaffaCakes118

Files

248cd6487ae38ab6e58bff300123af3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1ef5e25fbfe58e0d07beeb73a7a23aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ueo\wtfs\btvpssjr\ezzs\sqgae\gxc.pdb

Imports

kernel32

ContinueDebugEvent
HeapSize
GetTimeZoneInformation
CreateMutexA
CreateMutexW
GetThreadPriority
IsBadWritePtr
GetModuleFileNameA
FindResourceExA
TlsFree
TlsSetValue
VirtualAlloc
WritePrivateProfileStructA
QueryPerformanceCounter
TerminateProcess
GetConsoleTitleW
SetCurrentDirectoryW
InitializeCriticalSection
CreateDirectoryExA
GetThreadTimes
GetSystemDirectoryA
UnhandledExceptionFilter
CloseHandle
ReadFileEx
GetTimeFormatA
SetEnvironmentVariableA
GetLocaleInfoA
FillConsoleOutputCharacterW
TlsGetValue
GetCurrentProcessId
VirtualProtect
FoldStringA
RtlUnwind
GetCPInfo
FreeLibraryAndExitThread
HeapReAlloc
SetVolumeLabelA
LockFileEx
SetHandleCount
GlobalFindAtomW
IsValidLocale
WaitNamedPipeW
WritePrivateProfileSectionA
DeleteFiber
GetCurrentThreadId
EnumSystemLocalesW
LCMapStringW
SetLastError
FlushFileBuffers
GetCurrentThread
GlobalFix
SetStdHandle
GetStringTypeA
GetDateFormatA
FindFirstFileExA
FileTimeToLocalFileTime
GetCommandLineA
WriteFileEx
OpenMutexA
SetLocaleInfoW
GetConsoleCursorInfo
GetEnvironmentStrings
GetLastError
HeapFree
DeleteCriticalSection
GetTempFileNameA
LoadLibraryA
SetWaitableTimer
GlobalGetAtomNameA
GetFileTime
WideCharToMultiByte
lstrcmpi
SetSystemTime
WriteFile
GetStringTypeW
CompareStringW
GetLongPathNameA
DebugBreak
HeapCreate
GetVersionExA
VirtualQuery
OpenFileMappingA
GetSystemInfo
SetFilePointer
MultiByteToWideChar
OpenProcess
CopyFileA
GetLocaleInfoW
CreateRemoteThread
CompareStringA
LCMapStringA
GlobalCompact
FlushViewOfFile
GetCurrentProcess
EnterCriticalSection
InterlockedExchange
TlsAlloc
GetACP
GetNamedPipeHandleStateA
ExitProcess
OpenFileMappingW
MoveFileExW
GetPriorityClass
FormatMessageA
GetSystemTimeAsFileTime
EnumResourceNamesW
VirtualFree
GetConsoleCP
GetUserDefaultLCID
EnumTimeFormatsA
IsValidCodePage
GetFileType
SetConsoleMode
EnumSystemCodePagesW
FreeEnvironmentStringsA
LeaveCriticalSection
GetProfileStringA
GetPrivateProfileSectionW
GetProcAddress
WritePrivateProfileStructW
GetStdHandle
HeapAlloc
GetConsoleScreenBufferInfo
EnumSystemLocalesA
SetVolumeLabelW
TransmitCommChar
GetOEMCP
TerminateThread
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTickCount
WriteConsoleA
GetStartupInfoA
ReadFile
HeapDestroy
GetModuleHandleA

comctl32

ImageList_SetIconSize
GetEffectiveClientRect
ImageList_DrawIndirect
CreateStatusWindowA
InitCommonControlsEx
ImageList_Read
DrawInsert
CreateUpDownControl
DrawStatusTextA
ImageList_Merge
ImageList_Destroy
ImageList_LoadImage
ImageList_DrawEx
ImageList_Remove
ImageList_AddIcon
ImageList_Write
ImageList_DragShowNolock
ImageList_SetOverlayImage
ImageList_DragLeave
ImageList_ReplaceIcon

comdlg32

FindTextA
PageSetupDlgA
GetSaveFileNameA
ChooseColorA

shell32

RealShellExecuteExA
SHInvokePrinterCommandW
SheChangeDirExW

wininet

GopherGetAttributeW
UnlockUrlCacheEntryFile

user32

LoadBitmapW
GetMessagePos
GetWindowDC
EnumDisplayDevicesA
GetScrollRange
RemoveMenu
RegisterClassA
CreateWindowExW
ShowWindow
GetSystemMetrics
MessageBoxW
IsCharAlphaNumericW
UnhookWindowsHookEx
OemToCharBuffA
EnumClipboardFormats
CreateIcon
GetMonitorInfoA
WINNLSEnableIME
SetCursorPos
EditWndProc
CreateWindowStationA
CharUpperBuffA
DefWindowProcW
DefFrameProcA
GetWindowModuleFileNameA
SetWindowLongW
GetClassInfoExA
GetClassWord
OemToCharW
SetMenuContextHelpId
IsClipboardFormatAvailable
wvsprintfW
DestroyWindow
DefMDIChildProcW
CharLowerA
GetNextDlgTabItem
SendNotifyMessageA
WindowFromDC
SetWindowTextW
GetDesktopWindow
RegisterClassExA
DispatchMessageA

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1ef5e25fbfe58e0d07beeb73a7a23aa

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

comdlg32

shell32

wininet

user32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 116KB - Virtual size: 119KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 116KB - Virtual size: 119KB

.rsrc
Size: 20KB - Virtual size: 17KB