3df8167736dcafd998078dec35c18712_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3df8167736dcafd998078dec35c18712_JaffaCakes118
Size

522KB
MD5

3df8167736dcafd998078dec35c18712
SHA1

0bc8a1f9ae2625dfa4f907ed77b84e268ba4370c
SHA256

c7de41f4fbbe903cf04252a2d32bf6fb3625c0812f2a1e0a634cece029c9c1be
SHA512

ae69cc45a80b408790f232f66851875ded42235ea90e3cfafd22c12501372255c97dbbaecee07e1664bb2d4509ad9b6477fd134bb79501fb52ccb20e2cb593fc
SSDEEP

12288:hpG39Ver6o0Cer0o4ayMJfxKWywWsYbAlhn8ruwW6h:oMr6o0WGxjVWulZwW6h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3df8167736dcafd998078dec35c18712_JaffaCakes118

Files

3df8167736dcafd998078dec35c18712_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0dd60fc85c51a8388f86bdab5fe71c0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\sprd\cetceoefh\oehzeyrha\eye\zdlc.pdb

Imports

kernel32

GetEnvironmentStrings
GetEnvironmentStringsW
WriteConsoleW
lstrcmpW
VirtualQuery
CreateDirectoryExA
lstrlenA
GetTimeFormatA
LeaveCriticalSection
HeapValidate
GetCurrentProcessId
TlsFree
IsBadReadPtr
GetConsoleOutputCP
GetModuleFileNameW
GetLocaleInfoA
GetStringTypeW
GetTimeZoneInformation
TerminateProcess
IsDebuggerPresent
GetStringTypeA
CreateFileA
SetUnhandledExceptionFilter
EnterCriticalSection
GetModuleFileNameA
WriteConsoleA
QueryPerformanceCounter
IsValidCodePage
GetOEMCP
GetVersionExA
MultiByteToWideChar
IsValidLocale
EnumDateFormatsExA
GetUserDefaultLangID
CreateMutexA
GetFileType
GlobalFix
GetACP
FreeLibrary
HeapReAlloc
HeapCreate
GetProcAddress
HeapDestroy
GetProcessHeap
SetStdHandle
LCMapStringW
GetDateFormatA
LoadLibraryExA
EnumSystemLocalesA
RaiseException
FlushFileBuffers
TlsSetValue
SetLastError
UnhandledExceptionFilter
FormatMessageW
LoadLibraryA
SetEnvironmentVariableA
VirtualFree
FreeEnvironmentStringsA
SetConsoleTitleA
GetCommandLineA
GetUserDefaultLCID
ReadFile
CloseHandle
GetCurrentProcess
SetVolumeLabelW
WideCharToMultiByte
SetConsoleCtrlHandler
LoadLibraryW
GetCPInfo
OutputDebugStringW
lstrcpyA
GetConsoleMode
DebugBreak
GetStdHandle
GetCurrentThread
CompareStringW
GetLocaleInfoW
GetLastError
InitializeCriticalSection
GetConsoleCP
RtlUnwind
ExitProcess
CompareStringA
OutputDebugStringA
GetSystemTimeAsFileTime
LCMapStringA
GetLogicalDriveStringsW
InterlockedIncrement
SetFilePointer
WriteFile
lstrcmpA
HeapAlloc
InterlockedExchange
GetCurrentThreadId
FindAtomW
TlsGetValue
GetNamedPipeHandleStateW
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoA
GetTickCount
GetDiskFreeSpaceExA
InterlockedDecrement
TlsAlloc
OpenMutexA
MapViewOfFileEx
HeapFree
FreeEnvironmentStringsW
VirtualAlloc
SetHandleCount

user32

GetSystemMenu
GetKeyboardLayoutNameA
RegisterClassExA
DdeInitializeA
GetKBCodePage
RegisterClassA
EnumDesktopsA
BroadcastSystemMessageA
ShowScrollBar
GrayStringA
SetDebugErrorLevel

gdi32

ExtSelectClipRgn
GetEnhMetaFileW
GdiFlush
GetOutlineTextMetricsW
PolylineTo
CreatePatternBrush
GetCharWidthFloatW
GetDeviceCaps
DeleteDC
CreateDCA

comdlg32

ReplaceTextA
GetFileTitleW
PrintDlgA

shell32

SHGetNewLinkInfo
DragQueryFileA
ExtractIconExA
SheGetDirA

comctl32

InitCommonControlsEx

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dd60fc85c51a8388f86bdab5fe71c0a

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

shell32

comctl32

Sections

.text Size: 356KB - Virtual size: 355KB

.rdata Size: 49KB - Virtual size: 59KB

.data Size: 95KB - Virtual size: 94KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 49KB - Virtual size: 59KB

.data
Size: 95KB - Virtual size: 94KB

.rsrc
Size: 21KB - Virtual size: 20KB