c:\ghhhohkq\neyoesart\ezbywsfe\vovot.PDB
Static task: static1
Behavioral task: behavioral1
Sample: 2ce175b7ea79944fd73a95602df25397_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2ce175b7ea79944fd73a95602df25397_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2ce175b7ea79944fd73a95602df25397_JaffaCakes118
Size: 389KB
MD5: 2ce175b7ea79944fd73a95602df25397
SHA1: 1ea29701d08e610195e804b0d5819e794c1b1cc6
SHA256: 7641fc8040a3fdd902e3a5dd565283b54bb93447cbaf690ee19698fa25f3cee7
SHA512: ada0a3f4fe2126d7f520bfd2b1cbc3ff9a86d10d3bf1bc515ad99e2ca336eeea15a41805a157a7747e82605e3551fe8cff2c15137c125dd2bd909aede06daddc
SSDEEP: 6144:LVM38QU17raLeFKTzW9p9TtJmuZhE2YzEPdvrVEU5uZ8V2bY7LAnog1wapQW:L6387raCFKTCDQuIneOU8jbY7LAL
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature.
resource 2ce175b7ea79944fd73a95602df25397_JaffaCakes118
Files
2ce175b7ea79944fd73a95602df25397_JaffaCakes118.exe windows:4 windows x86 arch:x86
2cb87525fb2a6f4c4430b330f8b9b817
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
UnlockUrlCacheEntryFileA
FindFirstUrlCacheContainerA
FindFirstUrlCacheGroup
RetrieveUrlCacheEntryStreamW
HttpEndRequestA
user32
SetWindowTextW
CreateWindowExW
MessageBoxA
RegisterClassA
SetUserObjectSecurity
DrawTextA
FindWindowA
RegisterClassExA
LoadKeyboardLayoutA
ShowWindow
comdlg32
ReplaceTextA
ChooseColorA
LoadAlterBitmap
GetFileTitleA
kernel32
GetTimeZoneInformation
SetFilePointer
IsValidCodePage
CreateMutexA
GetModuleFileNameW
CompareStringW
GetStringTypeA
VirtualAlloc
GetOEMCP
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetStringTypeW
GetModuleFileNameA
GetStdHandle
HeapDestroy
VirtualProtect
GetCurrentProcess
LCMapStringW
QueryPerformanceCounter
GetLocaleInfoW
IsBadReadPtr
WriteFile
GetCurrentProcessId
GetCPInfo
TlsFree
GetLastError
GetVersionExA
TlsGetValue
InitializeCriticalSection
FreeEnvironmentStringsW
ReadFile
GetUserDefaultLCID
EnterCriticalSection
FreeEnvironmentStringsA
HeapCreate
GetCurrentThread
HeapValidate
GetProfileSectionW
GetSystemInfo
GetFileType
RemoveDirectoryA
LocalReAlloc
SetLastError
WriteConsoleOutputAttribute
GetCommandLineW
lstrcpynW
InterlockedIncrement
GlobalFree
GetTimeFormatA
SetStdHandle
GetACP
HeapAlloc
EnumSystemLocalesA
GetTickCount
VirtualQuery
OutputDebugStringA
IsValidLocale
GetDateFormatA
GetStartupInfoA
SetEnvironmentVariableA
WideCharToMultiByte
UnhandledExceptionFilter
HeapFree
GetLocaleInfoA
TerminateProcess
ExitProcess
LoadLibraryA
DeleteCriticalSection
FlushFileBuffers
GetProcAddress
OpenMutexA
IsBadWritePtr
HeapReAlloc
GetCommandLineA
GetModuleHandleA
GetStartupInfoW
LCMapStringA
RtlUnwind
GetEnvironmentStrings
DebugBreak
LeaveCriticalSection
GetCurrentThreadId
SetHandleCount
CloseHandle
CompareStringA
TlsSetValue
InterlockedExchange
TlsAlloc
MultiByteToWideChar
GetEnvironmentStringsW
InterlockedDecrement
VirtualFree
advapi32
CryptSetProviderW
RegEnumValueA
CryptSetProviderExA
CryptReleaseContext
AbortSystemShutdownW
RegSaveKeyA
RegSetValueExW
GetUserNameW
CryptHashSessionKey
LookupSecurityDescriptorPartsA
CryptGetDefaultProviderA
LogonUserA
comctl32
InitCommonControlsEx
DrawStatusText
CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_GetImageCount
shell32
DuplicateIcon
ShellHookProc
Sections
.text Size: 261KB - Virtual size: 261KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
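The "Unsigned PE" signature, the File Characteristics list and the section table above are all read straight out of the PE headers. The following is an added example, not code from the sandbox or from this sample, showing how those three facts are derived: it constructs a minimal PE32 header in memory with a section layout mirroring the report (the byte sizes are approximate and the whole blob is constructed test input, not a runnable binary), then parses the COFF characteristics, the certificate-table data directory (slot 4, IMAGE_DIRECTORY_ENTRY_SECURITY) and the per-section flags. Note the caveat a triage engineer should keep in mind: an empty certificate table is exactly what the sandbox signature reports, but a non-empty one only means a PKCS#7 blob is attached, not that the signature verifies or chains to a trusted root.

```python
import struct

# IMAGE_FILE_* flags from the COFF header Characteristics field (winnt.h values).
FILE_CHARACTERISTICS = {
    "IMAGE_FILE_RELOCS_STRIPPED": 0x0001,
    "IMAGE_FILE_EXECUTABLE_IMAGE": 0x0002,
    "IMAGE_FILE_LINE_NUMS_STRIPPED": 0x0004,
    "IMAGE_FILE_LOCAL_SYMS_STRIPPED": 0x0008,
    "IMAGE_FILE_32BIT_MACHINE": 0x0100,
}
# IMAGE_SCN_* flags from the section header Characteristics field.
SECTION_FLAGS = {
    "IMAGE_SCN_CNT_CODE": 0x00000020,
    "IMAGE_SCN_CNT_INITIALIZED_DATA": 0x00000040,
    "IMAGE_SCN_MEM_EXECUTE": 0x20000000,
    "IMAGE_SCN_MEM_READ": 0x40000000,
    "IMAGE_SCN_MEM_WRITE": 0x80000000,
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot of the Authenticode certificate table
SEC = SECTION_FLAGS

# Constructed section table mirroring the report's layout:
# (name, raw size, virtual size, flags). Byte sizes are approximate.
SAMPLE_SECTIONS = [
    (".text", 261 * 1024, 261 * 1024, SEC["IMAGE_SCN_CNT_CODE"] | SEC["IMAGE_SCN_MEM_EXECUTE"] | SEC["IMAGE_SCN_MEM_READ"]),
    (".rdata", 21 * 1024, 40 * 1024, SEC["IMAGE_SCN_CNT_INITIALIZED_DATA"] | SEC["IMAGE_SCN_MEM_READ"]),
    (".data", 91 * 1024, 91 * 1024, SEC["IMAGE_SCN_CNT_INITIALIZED_DATA"] | SEC["IMAGE_SCN_MEM_READ"] | SEC["IMAGE_SCN_MEM_WRITE"]),
    (".rsrc", 14 * 1024, 13 * 1024, SEC["IMAGE_SCN_CNT_INITIALIZED_DATA"] | SEC["IMAGE_SCN_MEM_READ"]),
]


def build_pe(sections, security_dir=(0, 0)):
    """Construct a minimal PE32 header blob (constructed test input, not a real
    binary): DOS header, PE signature, COFF header, PE32 optional header with
    16 data directories, then the section table. security_dir is the
    (file offset, size) pair of the certificate table; (0, 0) means unsigned."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    chars = 0
    for v in FILE_CHARACTERISTICS.values():
        chars |= v
    opt_size = 96 + 16 * 8  # PE32 optional header: 96 fixed bytes + 16 directory entries
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, opt_size, chars)
    # Optional header: Magic=PE32, zeroed fields, NumberOfRvaAndSizes=16, then the directories.
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)
    dirs = [(0, 0)] * 16
    dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = security_dir
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0, raw, 0, 0, 0, 0, 0, flags)
        for name, raw, vsize, flags in sections
    )
    return dos + b"PE\0\0" + coff + opt + table


def parse_pe(data):
    """Return the facts the report lists: file characteristics, whether an
    Authenticode certificate table is present, and per-section flags."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff_off = e_lfanew + 4
    _machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff_off)
    opt_off = coff_off + 20
    magic = struct.unpack_from("<H", data, opt_off)[0]
    if magic == 0x10B:        # PE32
        ndirs_off, dir_off = opt_off + 92, opt_off + 96
    elif magic == 0x20B:      # PE32+
        ndirs_off, dir_off = opt_off + 108, opt_off + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # The certificate table entry is a (file offset, size) pair, not an RVA.
    # An empty entry is what the "Unsigned PE" signature keys on.
    cert_off = cert_size = 0
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_size = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sec_table = opt_off + opt_size
    for i in range(nsec):
        f = struct.unpack_from("<8sIIIIIIHHI", data, sec_table + 40 * i)
        sections.append({
            "name": f[0].rstrip(b"\0").decode("ascii", "replace"),
            "raw_size": f[3],
            "virtual_size": f[1],
            "flags": [n for n, v in SECTION_FLAGS.items() if f[9] & v],
        })
    return {
        "characteristics": [n for n, v in FILE_CHARACTERISTICS.items() if chars & v],
        "has_authenticode": cert_size != 0,
        "cert_table": (cert_off, cert_size),
        "sections": sections,
    }


def rwx_sections(info):
    """Sections that are both writable and executable: a packer or
    self-modifying-code tell that is absent from the layout above."""
    return [s["name"] for s in info["sections"]
            if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]]


if __name__ == "__main__":
    info = parse_pe(build_pe(SAMPLE_SECTIONS))
    print("characteristics:", ", ".join(info["characteristics"]))
    print("unsigned PE:", not info["has_authenticode"])
    for s in info["sections"]:
        print("%-7s raw=%6d virt=%6d %s" % (s["name"], s["raw_size"], s["virtual_size"], " ".join(s["flags"])))
```

On a real file, replace the constructed blob with `open(path, "rb").read()`; the parser reads only headers, so it is safe to run on untrusted samples, but a hostile file can still carry an out-of-range e_lfanew or section count, which the struct calls will reject with an exception rather than a crash. The .rdata entry above also shows why both raw and virtual sizes are worth recording: a virtual size larger than the raw size (40KB vs 21KB here) is zero-filled at load time, which is normal for .bss-style data but, combined with a writable and executable section, is a classic unpacking stub layout.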