390ef5fdc58a0f43b08e712746441ee3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

390ef5fdc58a0f43b08e712746441ee3_JaffaCakes118
Size

128KB
MD5

390ef5fdc58a0f43b08e712746441ee3
SHA1

f241c12883931be0ad540e754908fee713ac962c
SHA256

920a9af3dabf4a4ad013793ba716e8556b84dc65169c20ee49996d01de6c8704
SHA512

361eaf80d3fe6a77dad7816b698e2411a8972bb0db7dd088341bed5048cd7e50554256f0490b77d245ee8d04e58043f75fe29c0a6178ddf865616af9fe4b9c04
SSDEEP

3072:Ejg06dfYVscpikfdlOhlRDE8IU1pzQc/w/7KAZM/JuL:Mt6dfW3FdGDH1pFw7K04M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390ef5fdc58a0f43b08e712746441ee3_JaffaCakes118

Files

390ef5fdc58a0f43b08e712746441ee3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b82e176a46bdeeeff5f122048dc3a402

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\yvugusy\Buzezan.pdb

Imports

ole32

OleCreate
CoInitialize
StgCreateDocfile
CoSuspendClassObjects
CoUninitialize
OleInitialize
OleSetContainedObject

version

GetFileVersionInfoW
VerQueryValueW

uxtheme

GetThemeTextExtent
DrawThemeBackground
GetThemeBackgroundRegion
CloseThemeData

setupapi

SetupFindFirstLineW
SetupGetLineTextW
SetupFindNextLine
SetupCloseInfFile

kernel32

HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
WideCharToMultiByte
GetLocaleInfoA
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
EnterCriticalSection
GetProfileStringW
CloseHandle
OpenMutexW
VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetStartupInfoW
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapSize

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 518KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b82e176a46bdeeeff5f122048dc3a402

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ole32

version

uxtheme

setupapi

kernel32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 68KB - Virtual size: 518KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 68KB - Virtual size: 518KB