C:\CSGS\CJHAEOEI\VOEQEBAOA\ETO\DCPBD\OJTSQET.PDB
Static task: static1
Behavioral task: behavioral1
Sample: 256be8b8d8f3b2890da39f2b712ffacd_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 256be8b8d8f3b2890da39f2b712ffacd_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 256be8b8d8f3b2890da39f2b712ffacd_JaffaCakes118
Size: 1.6MB
MD5: 256be8b8d8f3b2890da39f2b712ffacd
SHA1: 0bde7d132d6317dbbd1b9063b99c8b29e523416b
SHA256: a89616e3adf474ae5e9ab6501d145ba258d6f1f8b1d21b6a860b4ca865c03769
SHA512: 6443d4fc03be282a8dc4dc29c3a3ef7224ca79c6e80f1761ad61757a060da5c7790fd9ab4acf3db99d47402188b8f85e4d1adedb729cc8c8ff850828e26eaaf6
SSDEEP: 49152:EOTS2M3la5ixVchy9whTKg1HSEtptd46aLL762+2:EcS2Miiw8whTHHOLL76
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 256be8b8d8f3b2890da39f2b712ffacd_JaffaCakes118
Files
256be8b8d8f3b2890da39f2b712ffacd_JaffaCakes118.exe windows:4 windows x86 arch:x86
a7f64957628feeca502234c00a6a3d99
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdi32
DeleteDC
ModifyWorldTransform
SetMetaFileBitsEx
CreateDCW
GetDeviceCaps
DPtoLP
GetTextExtentPointA
comctl32
ImageList_DragShowNolock
ImageList_ReplaceIcon
CreateToolbar
CreateToolbarEx
_TrackMouseEvent
ImageList_GetImageInfo
DrawStatusTextA
InitCommonControlsEx
DestroyPropertySheetPage
kernel32
TlsSetValue
Sleep
TlsFree
GetCurrentThreadId
GetConsoleCP
GetTimeFormatA
InterlockedExchange
InitializeCriticalSection
FlushFileBuffers
GetProcessHeap
GetStdHandle
HeapFree
LCMapStringW
CreateFileW
MultiByteToWideChar
SetEnvironmentVariableA
HeapSize
CreateFileA
GetConsoleMode
HeapDestroy
GetProcAddress
GetConsoleOutputCP
TerminateProcess
GetCommandLineA
GetFileType
TlsAlloc
GetOEMCP
WritePrivateProfileStringW
LocalFileTimeToFileTime
GetProfileSectionW
CompareStringA
VirtualAlloc
WriteConsoleA
SetLastError
FreeEnvironmentStringsW
ExitProcess
CloseHandle
EnterCriticalSection
GetVersionExA
CreateMutexA
SetStdHandle
LeaveCriticalSection
LocalLock
GetCurrentProcess
GetModuleHandleA
IsDebuggerPresent
WideCharToMultiByte
GetTimeZoneInformation
RtlUnwind
QueryPerformanceCounter
GetEnvironmentVariableA
GetACP
LoadLibraryA
GetEnvironmentStrings
GetUserDefaultLCID
SetUnhandledExceptionFilter
VirtualQuery
IsValidCodePage
SetHandleCount
ReadFile
CreateDirectoryExA
GetModuleFileNameA
GetStartupInfoA
HeapCreate
GetCurrentThread
GetDateFormatA
VirtualFree
SetCurrentDirectoryW
HeapAlloc
EnumSystemLocalesA
WriteFile
InterlockedDecrement
FillConsoleOutputAttribute
FreeLibrary
CompareStringW
WriteConsoleW
GetFileSize
GetCPInfo
lstrcat
GetLocaleInfoA
GetStringTypeA
LCMapStringA
WaitForSingleObjectEx
GetLastError
TlsGetValue
DuplicateHandle
FreeEnvironmentStringsA
GetCurrentProcessId
GetTickCount
GetStringTypeW
DeleteCriticalSection
IsValidLocale
GetLocaleInfoW
ReadConsoleA
SetConsoleCtrlHandler
OpenMutexA
InterlockedIncrement
HeapReAlloc
GetSystemTimeAsFileTime
SetFilePointer
GetEnvironmentStringsW
UnhandledExceptionFilter
LocalUnlock
user32
GetLastActivePopup
DdeUnaccessData
CreateWindowExW
FlashWindowEx
MessageBoxA
RegisterClassExA
SetMenuDefaultItem
MonitorFromPoint
MessageBoxIndirectA
GetDlgCtrlID
GetQueueStatus
RegisterClassA
GetMenuStringA
ShowWindow
advapi32
CryptContextAddRef
LookupPrivilegeDisplayNameW
CryptSignHashA
RegEnumKeyExA
RegReplaceKeyA
CryptAcquireContextW
CryptDeriveKey
CryptSetProviderExA
RegSetKeySecurity
RegOpenKeyExW
wininet
InternetConfirmZoneCrossingW
GopherGetAttributeW
FindFirstUrlCacheGroup
Sections
.text Size: 310KB - Virtual size: 309KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 65KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ