438239bd9f6529d3c208d9f1dedbf573_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

438239bd9f6529d3c208d9f1dedbf573_JaffaCakes118
Size

798KB
MD5

438239bd9f6529d3c208d9f1dedbf573
SHA1

3ccb3e383ba782c9ca1e97a0d11fb8d572e964f5
SHA256

b11f60a7e816c6df1203853586239140160739a51bfecbca36549806678fb8b4
SHA512

52f72865908806063f85b3dc5db8fdbe0059f9ad988bee735a9194f8dc24cf7206a88f66793a67b0d92fea968e4214f001755d6dca645bf82852bec13e121ae3
SSDEEP

12288:GsCN3KzFeeCfynqPJwbIKF/JIibp/V7GyW2pFesQrwMrH6e3xWfX:9CMz4nf3JwE4BVHBQrwMr1eX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
438239bd9f6529d3c208d9f1dedbf573_JaffaCakes118

Files

438239bd9f6529d3c208d9f1dedbf573_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc365f0dd103f3a99850842f5ed3c041

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\utqa\jzshtxxo\byyvjjeh.pdb

Imports

kernel32

GlobalUnlock
ReadFileEx
FreeEnvironmentStringsA
WriteFile
GetLastError
GetTimeZoneInformation
SetLastError
GetDriveTypeW
GetProfileSectionW
GetComputerNameA
EnumTimeFormatsA
SetConsoleCtrlHandler
CompareStringA
CreateMutexA
HeapReAlloc
GetEnvironmentStringsW
GetConsoleMode
TlsAlloc
GetVolumeInformationA
lstrcpynA
GetSystemTimeAsFileTime
GetEnvironmentStrings
GetConsoleOutputCP
IsValidCodePage
GetProcessHeap
AllocConsole
CreateFileA
TlsSetValue
VirtualQuery
UnhandledExceptionFilter
GetProfileIntA
HeapCreate
GetModuleFileNameA
GetLogicalDrives
CreateToolhelp32Snapshot
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
SetConsoleCursorPosition
LocalLock
InterlockedExchange
OpenProcess
CompareStringW
GetLocaleInfoW
FreeLibraryAndExitThread
GetTickCount
GetThreadContext
SetStdHandle
IsDebuggerPresent
FindClose
GetProcessAffinityMask
GetStdHandle
GlobalUnfix
GetACP
CreateMailslotA
GetWindowsDirectoryA
GetVersionExA
GetConsoleCP
MultiByteToWideChar
GetFileType
OpenFileMappingW
LoadLibraryA
VirtualFreeEx
GetDiskFreeSpaceExW
GetDriveTypeA
VirtualAlloc
TerminateProcess
GetThreadPriority
OpenMutexA
GetThreadSelectorEntry
GetStringTypeA
InitializeCriticalSection
GetLocaleInfoA
GetStartupInfoA
WriteConsoleA
FreeLibrary
EnumDateFormatsExW
GetCurrentProcess
FreeEnvironmentStringsW
OpenMutexW
GetStringTypeW
SetEnvironmentVariableW
EnterCriticalSection
GetModuleHandleA
WaitForSingleObjectEx
SetFilePointer
QueryPerformanceCounter
HeapDestroy
WriteConsoleW
FindNextChangeNotification
Sleep
SuspendThread
TlsGetValue
GetTimeFormatA
DeleteCriticalSection
TlsFree
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
GetEnvironmentStringsA
DebugBreak
CreateNamedPipeW
RtlUnwind
GetProcAddress
EnumResourceTypesA
GetCurrentThread
GetDateFormatA
HeapFree
CreateNamedPipeA
GetCPInfo
VirtualFree
HeapAlloc
InterlockedIncrement
HeapSize
GetDiskFreeSpaceW
CreateSemaphoreW
LeaveCriticalSection
GetPrivateProfileIntW
GetUserDefaultLCID
GetCommandLineA
EnumSystemLocalesA
FlushFileBuffers
IsValidLocale
GetConsoleTitleA
EnumResourceTypesW
OpenFileMappingA
GetNumberFormatW
WideCharToMultiByte
GetSystemDirectoryA
CreateFileW
ReadFile
ExitProcess
SetHandleCount
CreateDirectoryExW
GetOEMCP
CloseHandle
FindNextFileA
InterlockedDecrement

comctl32

ImageList_DrawEx
InitCommonControlsEx
ImageList_SetDragCursorImage
ImageList_SetFlags
ImageList_GetImageCount
ImageList_Duplicate

wininet

InternetGetConnectedState
FtpGetFileA
FindFirstUrlCacheEntryExW
HttpOpenRequestA
FtpRenameFileW
InternetOpenUrlA
InternetFindNextFileA
InternetWriteFile
GopherFindFirstFileW

user32

MapWindowPoints
LoadStringW
DestroyWindow
CharUpperA
SetTimer
RegisterClassExA
OpenWindowStationA
EnableWindow
AppendMenuW
ScrollDC
CreateWindowExW
CallMsgFilterW
ScreenToClient
ToAsciiEx
DefMDIChildProcA
VkKeyScanExA
GrayStringA
MessageBoxA
IsIconic
CreateMDIWindowA
ShowWindow
DefWindowProcA
GetClassInfoW
RegisterClassA
SetForegroundWindow
SendNotifyMessageA
GetDlgItemInt
DrawIcon
SetMessageExtraInfo
GetSubMenu
SetMenuItemBitmaps
CheckRadioButton
GetMenuCheckMarkDimensions

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc365f0dd103f3a99850842f5ed3c041

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

wininet

user32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 302KB - Virtual size: 301KB

.data Size: 252KB - Virtual size: 212KB

.rsrc Size: 89KB - Virtual size: 88KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 302KB - Virtual size: 301KB

.data
Size: 252KB - Virtual size: 212KB

.rsrc
Size: 89KB - Virtual size: 88KB