3ed5ae14435fa87b27a485fc69a3c6ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ed5ae14435fa87b27a485fc69a3c6ac_JaffaCakes118
Size

574KB
MD5

3ed5ae14435fa87b27a485fc69a3c6ac
SHA1

1fdcd74c828ff3d4ec8aba2bb36aa46af4e51ee7
SHA256

78110fca8ee40b2dbfde4fa554c7d4125c7465ee1558ddab92d3a56fed1eb8d7
SHA512

3c3c990f57f10652e4657ea4281d225e49ecee52e73498fc24f62a87496b15164f28316044505ddebd4811e93b2af322e1cba9a97b10ff86cf9fdad8eed5a527
SSDEEP

12288:m5/USsnNQ0gIdteNdbnVoEHgpg348S/Ml6Pa/L8KVpFO9FK0prBjSpSKDJ6/:m5/UFnNXgIteNdTC+gp04t28KjFO9FK0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ed5ae14435fa87b27a485fc69a3c6ac_JaffaCakes118

Files

3ed5ae14435fa87b27a485fc69a3c6ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a01148a64fdc6b661486d1366d3cb77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\izgqur.pdb

Imports

kernel32

CreateDirectoryW
InterlockedDecrement
GetConsoleScreenBufferInfo
ReadConsoleOutputW
GetDiskFreeSpaceA
MultiByteToWideChar
LCMapStringA
TlsGetValue
GetProcAddress
MoveFileW
FillConsoleOutputCharacterA
GetExitCodeThread
ConvertDefaultLocale
FindAtomW
CreateSemaphoreA
CreateFileA
EnumTimeFormatsW
InitializeCriticalSection
TlsFree
IsBadWritePtr
SetConsoleOutputCP
WaitForMultipleObjectsEx
GetModuleFileNameA
GetCommandLineA
OpenFile
SetLastError
GetLocalTime
FoldStringW
QueryPerformanceCounter
OpenEventW
IsBadReadPtr
SetFilePointer
EnumResourceNamesW
GetConsoleTitleW
GetStringTypeW
GetModuleHandleA
LeaveCriticalSection
GetWindowsDirectoryW
HeapDestroy
HeapFree
CopyFileExA
UnhandledExceptionFilter
GetStartupInfoW
GetModuleFileNameW
TlsAlloc
GetCommandLineW
LocalFree
GetCurrentProcess
EnterCriticalSection
WriteConsoleInputW
FreeEnvironmentStringsW
OpenMutexA
GetEnvironmentStringsW
ContinueDebugEvent
TerminateProcess
GetSystemTime
HeapReAlloc
RtlZeroMemory
WriteConsoleW
SetFileAttributesA
FreeEnvironmentStringsA
GetTimeZoneInformation
FormatMessageA
VirtualAlloc
GetLastError
SetStdHandle
CreateMutexA
CreateProcessW
GetCurrentThread
GetFileTime
TlsSetValue
FindFirstFileW
GetStringTypeA
ReadConsoleW
GetStartupInfoA
VirtualFree
SetConsoleMode
VirtualFreeEx
GetStdHandle
LocalShrink
GetFileType
GetWindowsDirectoryA
CompareStringA
FindFirstFileExW
LCMapStringW
SetLocalTime
ReadFile
GetDriveTypeW
TerminateThread
ExitProcess
UnmapViewOfFile
GetConsoleCursorInfo
GetTickCount
GetTempFileNameA
GetNamedPipeHandleStateA
InterlockedExchange
GetSystemTimeAsFileTime
SetHandleCount
LoadLibraryA
FlushFileBuffers
GetComputerNameA
RtlUnwind
OpenMutexW
CloseHandle
CreateNamedPipeA
ReadConsoleA
SetEnvironmentVariableA
CompareStringW
FlushViewOfFile
RemoveDirectoryA
DeleteCriticalSection
DeleteAtom
GetLogicalDriveStringsA
lstrcmpiA
SetConsoleCtrlHandler
GetCurrentProcessId
EnumResourceTypesA
WideCharToMultiByte
GetShortPathNameA
RtlMoveMemory
SetConsoleActiveScreenBuffer
GetCurrencyFormatA
GetDateFormatW
GetCurrentThreadId
WriteFile
GetVersion
ReadConsoleInputA
GetEnvironmentStrings
lstrcmpA
InterlockedIncrement
HeapCreate
VirtualQuery
GetCPInfo
GetNumberFormatA
GlobalDeleteAtom
GlobalAlloc
HeapAlloc
GetProfileIntA

wininet

InternetErrorDlg
FindFirstUrlCacheEntryW

comctl32

ImageList_GetFlags
InitCommonControlsEx
ImageList_DrawEx
ImageList_DragMove
ImageList_GetBkColor
InitMUILanguage

shell32

ShellAboutA
DragQueryFileW
ShellExecuteEx
SHLoadInProc
SHEmptyRecycleBinW

comdlg32

ChooseColorA
GetOpenFileNameA

user32

CharToOemBuffA
EnumWindowStationsW
MessageBoxA
EnumDesktopWindows
SendInput
DdeUninitialize
SetParent
DefDlgProcW
RegisterClassA
RegisterHotKey
PaintDesktop
SetRectEmpty
CreateWindowExA
DefMDIChildProcW
GetKeyNameTextW
GetLastActivePopup
ShowWindow
SetSysColors
DefWindowProcW
SetUserObjectInformationW
GetDlgItem
RegisterWindowMessageW
SetClassLongW
DestroyWindow
GetScrollRange
FlashWindowEx
SendNotifyMessageA
CreateIconIndirect
GetInputDesktop
RegisterClassExA
RegisterClipboardFormatA
PtInRect

advapi32

CryptGetKeyParam

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a01148a64fdc6b661486d1366d3cb77

Headers

File Characteristics

PDB Paths

Imports

kernel32

wininet

comctl32

shell32

comdlg32

user32

advapi32

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 243KB - Virtual size: 243KB

.data Size: 111KB - Virtual size: 134KB

.rsrc Size: 57KB - Virtual size: 56KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 243KB - Virtual size: 243KB

.data
Size: 111KB - Virtual size: 134KB

.rsrc
Size: 57KB - Virtual size: 56KB