3d1d9af509ca12e0fda3496342efc3a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d1d9af509ca12e0fda3496342efc3a5_JaffaCakes118
Size

572KB
MD5

3d1d9af509ca12e0fda3496342efc3a5
SHA1

78d7731bee41431605a7a33484f14ba24edd80c3
SHA256

59efccceb7f2309de8bcf86bde75a1c670546ac72726619c5a30f88987dc6005
SHA512

3d58ed7b704fb28cb14382f8225b861df06fb44703f0fbb293042d95af1f88f565df1cfa6b7897271d9f2ed51928141e0ba96e9583e38ccb523d249764a9969c
SSDEEP

12288:JC/z4QbLRIInRc/mKGyTApln+saxwd1b:J6x7mLAL+s2Il

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d1d9af509ca12e0fda3496342efc3a5_JaffaCakes118

Files

3d1d9af509ca12e0fda3496342efc3a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

718aa544ba8eab24922cbcee7867072d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\xgfntborg\ym

Imports

comctl32

DrawStatusTextA
ImageList_Add
CreateMappedBitmap
ImageList_Remove
InitCommonControlsEx
ImageList_SetIconSize

kernel32

GetFileType
InitializeCriticalSection
FlushFileBuffers
VirtualFree
TerminateProcess
SetUnhandledExceptionFilter
GetDateFormatA
ExitThread
GetOEMCP
EnterCriticalSection
HeapSize
FreeLibrary
GetCommandLineA
GetTimeFormatA
TlsAlloc
ExitProcess
GetEnvironmentStrings
GetCPInfo
GetCurrentThread
GetEnvironmentStringsW
GetUserDefaultLCID
WriteConsoleA
SetConsoleCtrlHandler
GetConsoleMode
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetProcessHeap
GetStartupInfoA
SetFilePointer
HeapReAlloc
WriteConsoleW
GetStdHandle
RtlUnwind
GetLastError
GetProcAddress
CloseHandle
SetLastError
GetACP
GetModuleFileNameA
TlsSetValue
QueryPerformanceCounter
GetLocaleInfoA
SetEnvironmentVariableA
VirtualAlloc
InterlockedIncrement
LeaveCriticalSection
GetStringTypeA
GetTickCount
EnumSystemLocalesA
GetCurrentProcess
GetCurrentThreadId
WriteFileEx
LoadLibraryA
ReadFile
GetTimeZoneInformation
IsValidCodePage
InterlockedDecrement
IsValidLocale
WideCharToMultiByte
HeapFree
TlsGetValue
CreateFileA
SetStdHandle
OpenMutexA
GetConsoleCP
GetModuleHandleA
Sleep
FreeEnvironmentStringsA
LCMapStringA
SetHandleCount
WriteFile
TlsFree
DeleteCriticalSection
CreateMutexA
CompareStringA
HeapCreate
HeapAlloc
GetLocaleInfoW
InterlockedExchange
GetConsoleOutputCP
IsDebuggerPresent
MultiByteToWideChar
GetCurrentProcessId
HeapDestroy
GetSystemTimeAsFileTime
GetVersionExA
GetStringTypeW
VirtualQuery
LCMapStringW

user32

GrayStringA
SetProcessDefaultLayout
RegisterClipboardFormatW
CharLowerBuffW
GetKBCodePage
SetProcessWindowStation
MapDialogRect
GetProcessDefaultLayout
GetCursorInfo
IsCharAlphaA
SendMessageW
GetCursorPos
SetForegroundWindow
IsMenu
SetActiveWindow
IsWindowEnabled
CheckRadioButton
ShowCursor
MessageBoxIndirectW
EndDialog
LoadIconW
WaitForInputIdle
EnableWindow
RegisterClassExA
GetCapture
ClipCursor
TrackPopupMenu
LoadImageW
LoadCursorA
GetInputDesktop
DdeAbandonTransaction
GetDC
SetParent
RegisterClassA
LoadMenuW
GetMessageA
NotifyWinEvent
IsDlgButtonChecked
RemoveMenu
DlgDirSelectComboBoxExA
GetIconInfo
SetMessageQueue
CloseWindowStation
RemovePropA
LoadAcceleratorsW
DdeAddData
DlgDirSelectExA
SystemParametersInfoW
TrackPopupMenuEx
SetUserObjectInformationA
UnpackDDElParam
InsertMenuW
GetCaretBlinkTime
DlgDirListW
AnimateWindow
EnumDesktopWindows
SystemParametersInfoA
GetFocus
RealGetWindowClass

wininet

InternetTimeToSystemTime
InternetSetOptionExA
InternetAutodial
CreateUrlCacheEntryW
FtpCreateDirectoryA
InternetFortezzaCommand

shell32

ExtractIconExA
SheSetCurDrive
ExtractIconEx

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

718aa544ba8eab24922cbcee7867072d

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

wininet

shell32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 116KB - Virtual size: 137KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 116KB - Virtual size: 137KB

.rsrc
Size: 28KB - Virtual size: 24KB