24f523d5dd6a997cf2f09eb03dbff73f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

24f523d5dd6a997cf2f09eb03dbff73f_JaffaCakes118
Size

612KB
MD5

24f523d5dd6a997cf2f09eb03dbff73f
SHA1

c7495a099615acf2b54bd9a1a6b6726579f96278
SHA256

eec17de333db2a757b8b3f9c4582c6bd3c990ca22d26a61dd74531973c4299c2
SHA512

b433cfd3d2465e708f60b241748243cab5cdd2c1546145e097e6e0dacc6ffdda2319ec407a29a3fd12746032b4cbea27de4042c1798f3fd0036168d1875e2e4f
SSDEEP

12288:p9lAuUzyXEKHAd4iQWiYi6GGarLTRZszmZTZS3RAQ5fs/g6:LlAu4yXfHA2iRig/arL/3TZYRl5k/g6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24f523d5dd6a997cf2f09eb03dbff73f_JaffaCakes118

Files

24f523d5dd6a997cf2f09eb03dbff73f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a2d40582f209a9c37489e6e779aa61a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\doaegyb.pdb

Imports

kernel32

ReadConsoleW
GetTimeZoneInformation
GetUserDefaultLCID
TlsAlloc
GetUserDefaultLangID
CompareFileTime
CreateMutexA
ReadConsoleInputA
GetStringTypeExA
SetHandleCount
GetLocaleInfoA
GetNamedPipeInfo
WritePrivateProfileStructW
SetConsoleWindowInfo
GetPrivateProfileStructA
OpenMutexA
OpenWaitableTimerA
LCMapStringW
InterlockedExchange
GlobalUnfix
GetFileSize
GetModuleFileNameA
GetSystemInfo
SetComputerNameW
lstrcpyn
CompareStringA
CreatePipe
GetCommandLineA
HeapReAlloc
InterlockedIncrement
ReadFile
CreateDirectoryA
IsBadReadPtr
GetCurrentProcessId
WriteFile
WaitForMultipleObjects
GetCommandLineW
RtlUnwind
SetConsoleCursorPosition
FreeEnvironmentStringsW
CopyFileExA
GetComputerNameW
IsValidCodePage
CompareStringW
GetCurrentThread
GlobalDeleteAtom
WideCharToMultiByte
SetConsoleCtrlHandler
TlsSetValue
HeapFree
FindFirstFileExA
EnterCriticalSection
GetLocaleInfoW
FileTimeToDosDateTime
SetLastError
TerminateProcess
CreateMailslotA
HeapSize
GetFileType
SetEnvironmentVariableA
lstrcatA
FindResourceExW
HeapCreate
ExitProcess
GetWindowsDirectoryW
Sleep
FreeLibrary
LocalUnlock
CreateFileA
GetTimeFormatA
HeapAlloc
WriteConsoleW
LoadLibraryA
RemoveDirectoryW
WaitForSingleObjectEx
SetStdHandle
MultiByteToWideChar
EnumSystemLocalesA
GetCalendarInfoA
TlsGetValue
SetFilePointer
TlsFree
GetOEMCP
GetFileAttributesExA
WriteConsoleInputA
VirtualQuery
CreateWaitableTimerW
FreeEnvironmentStringsA
WriteConsoleA
GetModuleHandleW
GetCPInfo
CloseHandle
GetVersion
GetModuleHandleA
GetLastError
GetDriveTypeA
GetThreadSelectorEntry
GetStringTypeA
GetConsoleMode
QueryPerformanceCounter
GetDiskFreeSpaceA
GetThreadTimes
DosDateTimeToFileTime
GlobalFindAtomW
CopyFileA
WriteProfileStringA
GetDateFormatA
LCMapStringA
GetThreadPriority
GetCurrentProcess
ReadConsoleOutputW
IsValidLocale
VirtualQueryEx
GetConsoleCP
EnumResourceNamesA
GetConsoleOutputCP
GetModuleFileNameW
SetSystemTime
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
SetWaitableTimer
GetEnvironmentStringsW
WriteProfileStringW
InterlockedDecrement
GetProcAddress
GetProfileIntW
GetCurrentThreadId
GetTempPathA
InterlockedCompareExchange
GlobalFix
FlushFileBuffers
GetStartupInfoA
GetTickCount
UnhandledExceptionFilter
HeapDestroy
GetSystemTime
IsDebuggerPresent
VirtualFree
SetVolumeLabelA
ReleaseMutex
GetStringTypeW
VirtualAlloc
SetPriorityClass
EnumTimeFormatsW
GetStdHandle
SetThreadLocale
DeleteCriticalSection
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
SetEvent
GetACP
GetStartupInfoW
LeaveCriticalSection

user32

ShowCursor
EnumDisplaySettingsExW
SetProcessDefaultLayout
AttachThreadInput
SetClassLongW
LoadMenuA
DestroyWindow
CreateWindowExW
IsCharUpperA
GetAncestor
ShowWindow
MessageBoxW
RegisterClassA
GetListBoxInfo
DrawStateA
CharUpperBuffW
ModifyMenuA
LoadAcceleratorsW
CascadeChildWindows
MapWindowPoints
DrawMenuBar
EnableWindow
TrackPopupMenu
DdeFreeStringHandle
IsCharUpperW
FlashWindow
GetIconInfo
DrawIconEx
RegisterClassExA
DefWindowProcW
CallMsgFilter
wvsprintfW
ChangeDisplaySettingsA
SendMessageW
DdeQueryNextServer
MonitorFromRect

comctl32

DrawInsert
InitCommonControlsEx
ImageList_Replace
ImageList_DragShowNolock
MakeDragList

Sections

.text
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a2d40582f209a9c37489e6e779aa61a

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 184KB - Virtual size: 181KB

.rdata Size: 268KB - Virtual size: 267KB

.data Size: 112KB - Virtual size: 117KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 184KB - Virtual size: 181KB

.rdata
Size: 268KB - Virtual size: 267KB

.data
Size: 112KB - Virtual size: 117KB

.rsrc
Size: 44KB - Virtual size: 40KB