283ea2aac41a5a4ad82a1e62e2d61c5b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

283ea2aac41a5a4ad82a1e62e2d61c5b_JaffaCakes118
Size

664KB
MD5

283ea2aac41a5a4ad82a1e62e2d61c5b
SHA1

1a4a1e01389e7414e740ddb44ad8e53ea0c296d2
SHA256

abffb2e4c26507c67f98d4a286682f3fd4ead59fc9b395670e196c602581635f
SHA512

a368f3451269f27c3ede6b1253b707e64fa6acc433f03be6f0abcda1ad1e9f89c25f960d4495bfec8014389ccae6de113ebf785e3634bacbfa467405d620e4e0
SSDEEP

12288:MG6sMqHjA0+aCzIgT4Ns8Y+rbdAckSEiRkZaE6Y5zE9:Mkb+jj4ifuAcYnZFS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
283ea2aac41a5a4ad82a1e62e2d61c5b_JaffaCakes118

Files

283ea2aac41a5a4ad82a1e62e2d61c5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b2d0579dea26e505fe81949358095ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\teyo

Imports

kernel32

InitializeCriticalSection
EnumCalendarInfoW
GetCurrentProcess
GetProcessAffinityMask
CloseHandle
TlsGetValue
CreateMutexW
CompareStringA
LoadModule
UnhandledExceptionFilter
OutputDebugStringW
TlsAlloc
ReadConsoleInputW
lstrcmpA
GetCPInfo
SetComputerNameA
GetCommandLineA
lstrcatW
EnumResourceTypesA
GetCurrentProcessId
GetNumberFormatA
GlobalReAlloc
GetTickCount
VirtualQuery
AddAtomW
HeapFree
HeapReAlloc
ReadFile
CreateMutexA
GetStringTypeW
CompareStringW
OpenEventW
HeapAlloc
OpenSemaphoreW
HeapCreate
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLocalTime
FindNextFileA
GetModuleHandleA
CreateSemaphoreA
SetFilePointer
GetCompressedFileSizeW
HeapDestroy
GetVersionExW
GetCommandLineW
RtlUnwind
EnumCalendarInfoA
GetSystemTime
TerminateThread
SetTimeZoneInformation
GetFileType
LoadLibraryExW
TerminateProcess
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetLogicalDriveStringsW
SetStdHandle
SetHandleCount
GetUserDefaultLCID
GetProcAddress
GetVersion
GetStartupInfoA
ReadConsoleOutputW
InterlockedIncrement
LocalFileTimeToFileTime
GetEnvironmentVariableW
WriteConsoleOutputA
GetStringTypeA
LeaveCriticalSection
RtlFillMemory
LCMapStringW
WaitNamedPipeW
GetCurrentThread
SetVolumeLabelW
GetSystemTimeAsFileTime
SetConsoleTitleW
GetProcessShutdownParameters
GetCurrentThreadId
GetNamedPipeHandleStateW
WideCharToMultiByte
CreateNamedPipeW
OpenMutexW
lstrcpyA
ReadConsoleOutputAttribute
HeapLock
QueryPerformanceCounter
EnterCriticalSection
GetModuleFileNameA
SetLastError
SetEnvironmentVariableA
VirtualQueryEx
TlsFree
LoadLibraryA
GlobalUnfix
OpenMutexA
IsBadReadPtr
InterlockedDecrement
GetStdHandle
GetWindowsDirectoryW
lstrcmpW
VirtualFreeEx
LCMapStringA
IsBadWritePtr
HeapValidate
WritePrivateProfileStringA
DeleteFileW
GetStartupInfoW
CreateFileA
DeleteCriticalSection
WriteProfileSectionW
SetThreadLocale
GetPrivateProfileSectionW
FlushFileBuffers
GetSystemDirectoryW
VirtualFree
GetAtomNameW
GetTimeZoneInformation
GetProfileIntA
GetNumberFormatW
GetLastError
GetModuleFileNameW
GetLogicalDriveStringsA
MultiByteToWideChar
EnumDateFormatsA
UnmapViewOfFile
InterlockedExchange
ExitProcess
ReadConsoleOutputA
TlsSetValue
VirtualAlloc
WriteFile
LocalCompact

comctl32

ImageList_GetImageCount
ImageList_Read
ImageList_AddIcon
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageRect
ImageList_GetIcon
DrawStatusTextA
InitCommonControlsEx
CreateUpDownControl
DrawInsert
ImageList_LoadImageA
GetEffectiveClientRect
ImageList_Create
ImageList_SetDragCursorImage
CreatePropertySheetPageW
ImageList_DragLeave
ImageList_Copy
CreateStatusWindowW

user32

CountClipboardFormats
EnableScrollBar
RegisterHotKey
IsCharLowerA
DdeCreateDataHandle
GetMonitorInfoA
GetUpdateRgn
VkKeyScanExA
DdeAbandonTransaction
RegisterClassA
OpenInputDesktop
SetClipboardViewer
DefMDIChildProcA
EnumPropsW
RegisterClipboardFormatA
CharToOemBuffA
GetMenuItemInfoW
DdeConnectList
RegisterClassExA
CopyAcceleratorTableW

shell32

ExtractAssociatedIconA

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b2d0579dea26e505fe81949358095ad

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

shell32

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 116KB - Virtual size: 141KB

.rsrc Size: 100KB - Virtual size: 98KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 116KB - Virtual size: 141KB

.rsrc
Size: 100KB - Virtual size: 98KB