3896302dd853828d2d1e523ad2578092_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3896302dd853828d2d1e523ad2578092_JaffaCakes118
Size

365KB
MD5

3896302dd853828d2d1e523ad2578092
SHA1

6588d0fce193818818009b6371abe574259558c4
SHA256

967c45ce6c9c6b2fdf5e199eae566ce34413ba0821a7fae7efa931b50d06af51
SHA512

c6d5ac74ec55bec8211f8a09d5c0848e9d5eabc464d43879a201bf4606e17bcbdb1739f1e6b3ffad7a75b0449f0425e209a3129c6fdd1d56cf05273a783ca9dd
SSDEEP

6144:DumYcyPtLZdZpyKO32zLuT8l+G/6PYZBjKzIOHNBYhbXBecEDWf:am6Xr3O32z6T6+Zw/WsOtBQlf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3896302dd853828d2d1e523ad2578092_JaffaCakes118

Files

3896302dd853828d2d1e523ad2578092_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9849cd1b8b5c463fdd825263d26976f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\kdvbix\mouinjoctr\lrl\feusz.pdb

Imports

comctl32

ImageList_Create
ImageList_BeginDrag
ImageList_DrawIndirect
ImageList_EndDrag
InitCommonControlsEx
CreateUpDownControl
DrawStatusTextA
ImageList_GetFlags
ImageList_Replace
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_DragLeave
ImageList_Add

shell32

ShellExecuteExA
SHGetPathFromIDListA
SHQueryRecycleBinA
FindExecutableW

user32

GetMenuCheckMarkDimensions
GetCursorPos
MapVirtualKeyW
RegisterClassExA
SetMessageQueue
MessageBoxW
LockWindowUpdate
IsCharAlphaNumericW
TranslateAccelerator
SetPropW
WinHelpW
SetPropA
GetDCEx
GetPriorityClipboardFormat
ShowScrollBar
EndMenu
GetSysColor
DefDlgProcW
GetGUIThreadInfo
InsertMenuA
SetMenuContextHelpId
LoadCursorW
GetKeyboardLayoutNameW
CharUpperA
GetDC
RegisterClassA
GetSystemMetrics
GetScrollInfo
GetInputDesktop
GetClipboardFormatNameA

wininet

InternetConfirmZoneCrossing
SetUrlCacheGroupAttributeA
InternetGetConnectedState
InternetTimeFromSystemTime
UnlockUrlCacheEntryFileW
LoadUrlCacheContent
ShowCertificate
FindFirstUrlCacheEntryA

kernel32

Sleep
GetDateFormatA
GetProcAddress
UnhandledExceptionFilter
VirtualAlloc
RtlUnwind
WideCharToMultiByte
GetLocaleInfoW
WriteConsoleW
HeapFree
OpenMutexA
LoadLibraryA
GetStartupInfoW
GetCurrentDirectoryA
lstrcpynW
GetFileType
GetConsoleMode
HeapCreate
ResumeThread
HeapSize
WriteConsoleA
GetConsoleOutputCP
VirtualFree
GetCPInfo
GetModuleFileNameW
GetStdHandle
GetConsoleCP
CreateProcessW
HeapReAlloc
GetCurrentThreadId
GetConsoleTitleA
FreeLibrary
IsValidCodePage
IsValidLocale
InterlockedIncrement
CreateFileA
GetCommandLineW
VirtualQuery
ReadConsoleOutputA
LCMapStringW
GetStartupInfoA
TlsAlloc
GetLastError
GetACP
ReadFile
GetTimeFormatA
SetStdHandle
SetConsoleCtrlHandler
CreateMutexA
HeapDestroy
SetEnvironmentVariableA
CloseHandle
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
CompareStringA
GlobalAddAtomA
GetOEMCP
GetCommandLineA
CompareStringW
GetModuleHandleA
SetUnhandledExceptionFilter
GetCurrentProcess
EnterCriticalSection
FreeEnvironmentStringsW
TlsSetValue
WriteFile
GetUserDefaultLCID
GetCurrentThread
VirtualAllocEx
GetModuleHandleW
EnumResourceNamesW
GetEnvironmentStringsW
GetProfileIntA
InterlockedDecrement
TerminateProcess
TlsFree
GetModuleFileNameA
QueryPerformanceCounter
MultiByteToWideChar
GetTempFileNameA
GetPrivateProfileStructA
ExitProcess
SetEvent
CreateMailslotW
GetStringTypeW
SetFilePointer
WritePrivateProfileStringA
GetTimeZoneInformation
GetTickCount
DeleteFileW
SetLastError
HeapAlloc
GetLocaleInfoA
RtlMoveMemory
GetStringTypeA
LCMapStringA
GetNumberFormatW
GetVersionExA
OpenSemaphoreA
EnumSystemLocalesA
TransactNamedPipe
CompareFileTime
SetLocalTime
FlushFileBuffers
GetSystemTimeAsFileTime
TlsGetValue
LeaveCriticalSection
DeleteCriticalSection
SetHandleCount
GetCurrentProcessId
InterlockedExchange

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9849cd1b8b5c463fdd825263d26976f3

Headers

File Characteristics

PDB Paths

Imports

comctl32

shell32

user32

wininet

kernel32

Sections

.text Size: 165KB - Virtual size: 164KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 91KB - Virtual size: 114KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 165KB - Virtual size: 164KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 91KB - Virtual size: 114KB

.rsrc
Size: 28KB - Virtual size: 27KB