33da3df87881661e38480a40dc3a321e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33da3df87881661e38480a40dc3a321e_JaffaCakes118
Size

768KB
MD5

33da3df87881661e38480a40dc3a321e
SHA1

f519b9f253596fc23376fdfd21907e51663bd15b
SHA256

1c0f96924b2f8848627ac42676d20f2c75a4695104042a4a1cd991af3ac0ab9b
SHA512

ed70a89dfe96db8273c0e66366d9b777d731513f13736431e9d8ec675649a6b19033d40b0c516e938100abd3d5dd2579b64a7ab6cae7f8a83dada81a14286a82
SSDEEP

12288:hJUG2/sauExRt0LgNTdnFwitHhgD6PIlw4h0x5vn4/0bCNzE2Iv7:7UT/sa/xsL65nLtHU66TSvn4/0fN7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33da3df87881661e38480a40dc3a321e_JaffaCakes118

Files

33da3df87881661e38480a40dc3a321e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a89bf8a9d84608584f905fe0b2a8fe2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ohaozoos\serqc\qiheome\uo

Imports

kernel32

TlsGetValue
FileTimeToLocalFileTime
LoadLibraryA
WideCharToMultiByte
OpenWaitableTimerW
CreateMutexA
GetConsoleMode
lstrcpy
SetFilePointer
UnhandledExceptionFilter
SetConsoleCursorPosition
GetEnvironmentStrings
GetACP
IsValidCodePage
lstrcpynA
GetShortPathNameA
GlobalAddAtomW
GetThreadLocale
WriteConsoleW
GetTimeFormatA
GetDateFormatW
OpenEventW
HeapDestroy
LCMapStringW
ReadFile
ExitProcess
HeapReAlloc
GetEnvironmentStringsW
CreateFileA
GetPrivateProfileStringW
MultiByteToWideChar
SetCurrentDirectoryA
VirtualFreeEx
GetCurrentProcess
FreeEnvironmentStringsA
GetProfileIntA
SetHandleCount
GetDateFormatA
GetCurrentProcessId
HeapAlloc
OpenMutexW
GetStartupInfoA
GetFileType
GetSystemTimeAsFileTime
EnterCriticalSection
GetShortPathNameW
ReleaseMutex
SetWaitableTimer
GetProcAddress
WriteConsoleA
TerminateProcess
WriteProfileStringA
LocalSize
DuplicateHandle
InterlockedExchange
WriteFile
FlushFileBuffers
VirtualQuery
InitializeCriticalSectionAndSpinCount
FindAtomA
GlobalFree
GetConsoleOutputCP
SetLastError
GetModuleHandleA
GetLocaleInfoW
EnumSystemCodePagesA
VirtualAlloc
IsDebuggerPresent
LeaveCriticalSection
VirtualFree
GetVolumeInformationW
CompareStringW
GetDiskFreeSpaceExA
GetConsoleCP
TlsSetValue
CloseHandle
FreeEnvironmentStringsW
GlobalUnfix
InterlockedDecrement
CreateDirectoryExW
SetConsoleCtrlHandler
TlsFree
CopyFileA
SetConsoleCursorInfo
FlushConsoleInputBuffer
GetTimeZoneInformation
QueryPerformanceCounter
GetCurrencyFormatA
GetVersionExA
HeapSize
HeapFree
CreateToolhelp32Snapshot
GetConsoleCursorInfo
Sleep
GetCommandLineA
DeleteCriticalSection
GetStringTypeW
GetLastError
IsValidLocale
HeapCreate
GetStringTypeA
GetUserDefaultLCID
GetNumberFormatW
GetCurrentThreadId
OpenSemaphoreA
lstrlenW
GetPrivateProfileSectionNamesW
CreateFileMappingA
SetUnhandledExceptionFilter
CompareStringA
WaitForSingleObjectEx
TlsAlloc
HeapValidate
FreeLibrary
GetPriorityClass
GetCurrentThread
GetStdHandle
WaitNamedPipeA
OpenMutexA
GetTickCount
GetLocaleInfoA
GetCPInfo
InterlockedIncrement
IsBadReadPtr
EnumSystemLocalesA
GetOEMCP
LCMapStringA
GetModuleFileNameA
GetModuleHandleW
SetEnvironmentVariableA
RtlUnwind
SetStdHandle

user32

PeekMessageA
SwitchDesktop
MessageBoxA
CharNextW
RegisterClipboardFormatA
RegisterClassA
MapVirtualKeyExA
SetMenuItemBitmaps
IsClipboardFormatAvailable
ShowWindow
SetFocus
DestroyWindow
DefWindowProcW
GetKeyState
SetClassLongA
EnumDisplaySettingsA
CreateWindowExA
RegisterClassExA
CountClipboardFormats
CreateMDIWindowW
AppendMenuA
GetInputState
UnhookWinEvent

shell32

SHGetNewLinkInfo
SHGetMalloc
SheSetCurDrive

comctl32

ImageList_DragMove
ImageList_DragShowNolock
CreatePropertySheetPage
ImageList_LoadImage
ImageList_GetFlags
ImageList_Duplicate
InitCommonControlsEx
ImageList_LoadImageA
ImageList_SetFlags
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_Copy
DrawStatusTextA
ImageList_SetFilter
DrawInsert
ImageList_GetImageInfo

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a89bf8a9d84608584f905fe0b2a8fe2b

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

comctl32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 456KB - Virtual size: 452KB

.data Size: 144KB - Virtual size: 170KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 456KB - Virtual size: 452KB

.data
Size: 144KB - Virtual size: 170KB

.rsrc
Size: 64KB - Virtual size: 63KB