259d0fd86d3b676fb53d0e4cf0df2e7a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

259d0fd86d3b676fb53d0e4cf0df2e7a_JaffaCakes118
Size

770KB
MD5

259d0fd86d3b676fb53d0e4cf0df2e7a
SHA1

173b8383a5c059f9ed9b5d7d32568409734ba890
SHA256

212b0ac50477958d7f83fb0f1d73ab59f282dd6bba948ae47c5871873200d96e
SHA512

aa2623d920c25b14de4df208e7eb68ea3cfd4206e0ebb5b416de388117d86580c6df58ec00db2f3d5d606343852956cbd824ff789803f2cfec5a84da9e221873
SSDEEP

12288:f2AmcIZPZ8YEEFLUavZoVr1bmytt+SNxHTYFMRIjNhHOSfk+w8kJVe+GZ0:eNbZlvkr+OMFQIjJfk7hU+G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
259d0fd86d3b676fb53d0e4cf0df2e7a_JaffaCakes118

Files

259d0fd86d3b676fb53d0e4cf0df2e7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b0b2cadfb661cdee169ab6cf15f0755

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\osuteo\tcdherxoev\whedsizb\bonlyleb\nzzokqon\aud.PDB

Imports

kernel32

SetEnvironmentVariableA
TlsFree
GetStartupInfoA
GetEnvironmentStringsW
UnhandledExceptionFilter
GetModuleHandleA
GetConsoleOutputCP
SetHandleCount
GetTimeZoneInformation
LCMapStringW
HeapAlloc
CompareStringW
InterlockedExchange
ReadFile
SetFilePointer
GetLastError
GetConsoleMode
LoadLibraryA
IsDebuggerPresent
IsBadReadPtr
ExitProcess
HeapReAlloc
LoadLibraryW
GetCurrentProcess
FreeLibrary
GetConsoleCP
GetCommandLineA
WritePrivateProfileStringA
GetModuleHandleW
GetCPInfo
EnumSystemLocalesA
FreeEnvironmentStringsW
GetStringTypeA
GetLocaleInfoW
SetLastError
CreateMutexA
lstrlenA
WriteConsoleA
WideCharToMultiByte
RtlUnwind
GetCurrentThread
GetCommandLineW
Sleep
GetProcessHeap
GetCurrentThreadId
WriteConsoleW
RaiseException
CloseHandle
VirtualQuery
WriteFile
OutputDebugStringW
SetUnhandledExceptionFilter
DeleteCriticalSection
LCMapStringA
GetDateFormatA
GetACP
VirtualAlloc
SetConsoleCtrlHandler
OpenMutexA
GetStringTypeW
FlushFileBuffers
TerminateProcess
GetLocaleInfoA
GetUserDefaultLCID
TlsGetValue
InterlockedDecrement
HeapCreate
HeapValidate
VirtualFree
HeapSize
GetSystemTimeAsFileTime
OutputDebugStringA
GetModuleFileNameW
QueryPerformanceCounter
DebugBreak
GetTickCount
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
GetProcAddress
TlsAlloc
HeapFree
CompareStringA
InterlockedIncrement
MultiByteToWideChar
GetModuleFileNameA
SetStdHandle
GetOEMCP
LeaveCriticalSection
IsValidLocale
GetStdHandle
GetTimeFormatA
GetCurrentProcessId
EnterCriticalSection
EnumCalendarInfoA
CreateFileA
GetFileType
TlsSetValue
HeapDestroy
IsValidCodePage

shell32

SHGetFileInfoA
SHGetPathFromIDListW
DragQueryFileW
SHGetSpecialFolderPathA

user32

EnumThreadWindows
GetKeyboardType
UnionRect
MessageBoxA
OemKeyScan
RegisterClassA
GetScrollBarInfo
CreateMDIWindowA
EnumDisplaySettingsA
BeginPaint
SetParent
CreateWindowExW
GetMenuState
ReleaseDC
MonitorFromRect
CallWindowProcW
SetMenu
GetUserObjectInformationA
PostQuitMessage
RegisterClassExA
ShowWindow
SetCursor
MenuItemFromPoint
SetThreadDesktop
BlockInput
GetWindow
TranslateAccelerator
LoadCursorA
PeekMessageA

comctl32

ImageList_DragShowNolock
ImageList_Remove
MakeDragList
ImageList_Write
DrawInsert
ImageList_Draw
ImageList_SetBkColor
ImageList_DrawIndirect
ImageList_EndDrag
CreateStatusWindowA
CreatePropertySheetPage
CreateStatusWindowW
ImageList_Replace
ImageList_GetBkColor
ImageList_Destroy
InitCommonControlsEx
ImageList_GetImageRect
ImageList_SetIconSize
DrawStatusTextA
GetEffectiveClientRect
ImageList_Create
ImageList_Copy

Sections

.text
Size: 572KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b0b2cadfb661cdee169ab6cf15f0755

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

user32

comctl32

Sections

.text Size: 572KB - Virtual size: 572KB

.rdata Size: 73KB - Virtual size: 97KB

.data Size: 109KB - Virtual size: 109KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 572KB - Virtual size: 572KB

.rdata
Size: 73KB - Virtual size: 97KB

.data
Size: 109KB - Virtual size: 109KB

.rsrc
Size: 13KB - Virtual size: 13KB