263d3d090df16a7611189cf5ca9a58e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

263d3d090df16a7611189cf5ca9a58e6_JaffaCakes118
Size

563KB
MD5

263d3d090df16a7611189cf5ca9a58e6
SHA1

5126e35a73b4080538eee049f5015ee64f24e92e
SHA256

0e35c0ee83593dade771efda1e6e642f5c05305a9af72cea0cf2bdce9eeccf14
SHA512

270852b768620340e1b93ecfb8b655682a3b4a6cb3b65b5b71bb3e48d36e28e8ef1c45804898c3f9ef660a3c0e90ece88ce87b43db26025146bcfcd7bc770014
SSDEEP

6144:H/Unn0B2dDZUQMMlazXtawTe2vIyJGMapTu2WYzta0eHNqyAfC6HkCD8IohvciXk:HMmInl2T39apTubY58CDpoOHbFyN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
263d3d090df16a7611189cf5ca9a58e6_JaffaCakes118

Files

263d3d090df16a7611189cf5ca9a58e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0bc48c1429681eda584b9d6adcca573a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\sufeyexpz\ntuubflyfn\uszkxccjkz\nuixu.pdb

Imports

comctl32

ImageList_Replace
DrawInsert
InitCommonControlsEx
ImageList_SetBkColor
CreatePropertySheetPageA
ImageList_DragShowNolock
ImageList_DrawIndirect
DrawStatusText
ImageList_Draw
ImageList_Duplicate
CreateToolbarEx
ImageList_SetIconSize
ImageList_GetBkColor
ImageList_Merge
ImageList_Destroy
ImageList_DrawEx
ImageList_Copy
ImageList_SetDragCursorImage
CreateStatusWindowW
ImageList_Read
ImageList_GetImageRect

user32

SendMessageA
RegisterClassExA
DdeReconnect
IntersectRect
RegisterClassA
DdeGetLastError
EnumDisplayDevicesA
ShowWindow
DlgDirSelectExA
WindowFromPoint
CharLowerW
SetWindowTextA
DefWindowProcA
LoadMenuIndirectA
DrawFocusRect
CharUpperW
RegisterWindowMessageA
GetMenuStringA
InvalidateRect
CreateWindowExA
IsCharAlphaNumericW
UnregisterHotKey
SetDlgItemTextW
BlockInput
EnumThreadWindows
BroadcastSystemMessageA
LoadMenuA
ReplyMessage
GetClassInfoW
EnableMenuItem
CharToOemBuffA
wsprintfA
TrackPopupMenu
GrayStringA
OffsetRect
OpenIcon
InsertMenuA
DdeFreeDataHandle
DefWindowProcW
GetKBCodePage
HideCaret
CheckMenuItem
PostThreadMessageA
InternalGetWindowText
MonitorFromPoint
DrawEdge
GetKeyState
IsCharAlphaW
LookupIconIdFromDirectoryEx
IsCharLowerW
WINNLSGetIMEHotkey
IsDlgButtonChecked
MessageBoxA
GetUserObjectInformationW
PackDDElParam
MessageBoxIndirectA
BeginPaint
AdjustWindowRectEx
PaintDesktop
GetGuiResources
SetDeskWallpaper
CascadeWindows
SendMessageTimeoutW
GetListBoxInfo
FindWindowA
DestroyWindow
GetWindowTextLengthA

comdlg32

GetSaveFileNameW
GetOpenFileNameA
ChooseColorW
GetOpenFileNameW

wininet

GetUrlCacheHeaderData
FtpRemoveDirectoryA
InternetReadFile
CreateUrlCacheContainerW
InternetCombineUrlW
GopherGetAttributeW

kernel32

GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
TlsFree
TlsGetValue
GetSystemTime
CreateMutexA
GetFileType
LCMapStringW
ReadFile
UnhandledExceptionFilter
MultiByteToWideChar
QueryPerformanceCounter
OpenMutexA
GetVersion
SetFilePointer
VirtualAlloc
SetConsoleWindowInfo
WriteFile
GetCurrentThreadId
TlsSetValue
IsBadWritePtr
HeapAlloc
GetTickCount
GetEnvironmentStringsW
GetCurrentThread
CompareStringA
GetModuleFileNameW
GetStringTypeW
SetHandleCount
GetStartupInfoW
GetModuleFileNameA
GetCommandLineW
FileTimeToDosDateTime
VirtualFree
GetStringTypeA
SetEndOfFile
DeleteCriticalSection
GetLastError
GetStartupInfoA
CompareStringW
FreeEnvironmentStringsA
SetStdHandle
GetEnvironmentStrings
GetCurrentProcess
GetModuleHandleA
MapViewOfFile
GetTimeZoneInformation
TerminateProcess
LCMapStringA
LoadLibraryA
RtlUnwind
InterlockedExchange
HeapCreate
GetLocalTime
GetStdHandle
GetProcAddress
WideCharToMultiByte
HeapReAlloc
PulseEvent
GetSystemTimeAsFileTime
VirtualQuery
HeapFree
InterlockedDecrement
SetEnvironmentVariableA
GetCPInfo
ExitProcess
TlsAlloc
CloseHandle
HeapDestroy
FreeEnvironmentStringsW
GetCommandLineA
FlushFileBuffers
SetLastError
InterlockedIncrement

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bc48c1429681eda584b9d6adcca573a

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

comdlg32

wininet

kernel32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 111KB - Virtual size: 137KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 111KB - Virtual size: 137KB

.rsrc
Size: 23KB - Virtual size: 22KB