3a218310ae2acabb86ccef2bc285e635_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a218310ae2acabb86ccef2bc285e635_JaffaCakes118
Size

352KB
MD5

3a218310ae2acabb86ccef2bc285e635
SHA1

0829137797572d6b3956e0d3d28076242a690510
SHA256

6544becdc1901ca6ad6bd63a16fe11eefc767b52b3effda216ba1aa38f559c85
SHA512

4e3099728a54ceb228ca521d60a572d08aa124937a1579cae88e70f56c899df50b30a700538e00befe85115122e4dbb77328c1c43c0427e8239890b0d9592d83
SSDEEP

6144:3vINl/Ooe2ZTEN8Ved41CNqP9v96oFMuxep2XCMkUJ8UOW51+XC:3vINEF2dESrPW2jxK2XCLSOu+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a218310ae2acabb86ccef2bc285e635_JaffaCakes118

Files

3a218310ae2acabb86ccef2bc285e635_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29873f547d16dd5022cf3ad98c24377f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\SDRI\WHVM\DTCYSPWN\EZJG\OHSUWLEWAE.PDB

Imports

user32

GetAsyncKeyState
RegisterClassA
OemToCharW
RegisterClassExA
UnregisterDeviceNotification
ToUnicode
EnumDisplayDevicesA
DispatchMessageA
SetMenuDefaultItem
IsDialogMessageA
CheckMenuItem
CopyIcon
SetWindowTextA
SetWindowsHookA
IsDialogMessage
GetKBCodePage
IsRectEmpty
EnumDisplaySettingsW

kernel32

CompareStringA
GetCommandLineW
GetPrivateProfileStringW
GetStartupInfoW
CreateMutexA
CloseHandle
GetOEMCP
UnhandledExceptionFilter
TlsGetValue
SetEnvironmentVariableA
GetTimeFormatA
GetEnvironmentStrings
OpenSemaphoreA
GetCurrentProcess
ExitProcess
GetACP
GetCommandLineA
EnumResourceNamesW
GetSystemTime
HeapCreate
CreateSemaphoreA
LocalFlags
RtlUnwind
SetStdHandle
ReadFile
SetHandleCount
GetLastError
lstrlenW
TlsFree
VirtualAlloc
VirtualQuery
SetConsoleOutputCP
GetStringTypeW
GetModuleHandleA
GetSystemTimeAsFileTime
InitializeCriticalSection
GetLocaleInfoW
VirtualProtect
VirtualFree
WideCharToMultiByte
GetTimeZoneInformation
OpenProcess
GetDiskFreeSpaceA
FlushFileBuffers
GetConsoleScreenBufferInfo
DuplicateHandle
lstrcmp
CompareStringW
GetEnvironmentStringsW
GetCurrentThreadId
GetDriveTypeA
GetTickCount
GetProcAddress
GetMailslotInfo
IsValidLocale
OpenFileMappingW
WaitCommEvent
UnlockFile
GetFullPathNameA
GetNumberFormatA
FindResourceExA
TerminateProcess
GetFileType
SetLastError
SetConsoleCursorPosition
WriteConsoleOutputCharacterW
EnterCriticalSection
LeaveCriticalSection
GetStringTypeA
HeapDestroy
MultiByteToWideChar
GetCPInfo
IsBadWritePtr
GlobalFlags
GetDateFormatA
GetCurrentProcessId
EnumSystemLocalesA
GetConsoleMode
LoadLibraryA
FoldStringA
LocalUnlock
GetStartupInfoA
FreeEnvironmentStringsA
GetUserDefaultLCID
ConvertDefaultLocale
MoveFileA
IsValidCodePage
HeapAlloc
LCMapStringA
GlobalReAlloc
OpenWaitableTimerW
GetSystemInfo
TlsAlloc
WriteFile
HeapSize
SetThreadAffinityMask
GetStdHandle
GetCurrencyFormatA
GetVersionExA
GetCurrentThread
HeapReAlloc
lstrcpynW
lstrcat
TlsSetValue
SetConsoleMode
GetLocaleInfoA
DeleteCriticalSection
HeapFree
QueryPerformanceCounter
CreateMailslotA
SetFilePointer
FreeEnvironmentStringsW
GetModuleFileNameA
OpenMutexA
InterlockedExchange
GetCurrentDirectoryA
LCMapStringW
GetModuleFileNameW
ContinueDebugEvent

comctl32

ImageList_AddIcon
ImageList_Remove
InitCommonControlsEx
ImageList_GetFlags

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29873f547d16dd5022cf3ad98c24377f

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 92KB - Virtual size: 98KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 92KB - Virtual size: 98KB

.rsrc
Size: 20KB - Virtual size: 16KB