402e5ac4e5d977a76371cd17763c3ecf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

402e5ac4e5d977a76371cd17763c3ecf_JaffaCakes118
Size

376KB
MD5

402e5ac4e5d977a76371cd17763c3ecf
SHA1

3fcade751c2f281de54877a6c27251d3e5dae134
SHA256

57a5cb8e7c503125a428f007c3064d90c3c6f4bf625aed25c3136bd155bfdb93
SHA512

71ca79886b236ef388e2068efb82cbba20c85f6b95c9ed9b86378be608bd09c58842c36b74510f91d9d09b4a2ec2130bcd8506395bb4dff6e62e0fcc223c2a62
SSDEEP

6144:9cQAp12940Kmy99I5NSwvlgo2bjkiwgs/Ll/u4u4YkxSheM9PnkFM8lfPyw6FPRS:9z+W40Kmy3JwvKo2b4AsxW1owr9Pnj8T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
402e5ac4e5d977a76371cd17763c3ecf_JaffaCakes118

Files

402e5ac4e5d977a76371cd17763c3ecf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7cf0da67ddd51d91f8259fa849c0542

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cyuovhh\ojajzev.pdb

Imports

kernel32

EnumDateFormatsW
SetFilePointer
ExitThread
LocalUnlock
SetEnvironmentVariableA
QueryPerformanceCounter
LCMapStringW
EnumDateFormatsExA
CompareStringA
LoadLibraryA
SetThreadPriority
lstrcmp
GetCurrentProcessId
WideCharToMultiByte
lstrcpyW
GetFileType
GlobalAddAtomA
GetSystemTimeAsFileTime
EnterCriticalSection
HeapAlloc
GetStringTypeW
ConvertDefaultLocale
TlsFree
CreateEventW
GetModuleFileNameA
MultiByteToWideChar
FlushViewOfFile
TlsSetValue
InitializeCriticalSection
TlsAlloc
EnumDateFormatsA
DeleteFileW
UnhandledExceptionFilter
HeapCreate
GetDriveTypeW
GetLocalTime
GetOEMCP
EnumResourceLanguagesW
CreateFileW
GetCurrentThread
EnumResourceNamesW
WriteFile
InterlockedExchange
TlsGetValue
GetDriveTypeA
SetStdHandle
VirtualQuery
GetPrivateProfileSectionA
GetEnvironmentStringsW
SetLocaleInfoA
GetStringTypeA
FlushFileBuffers
DeleteCriticalSection
GetFileAttributesExA
WriteConsoleA
GetComputerNameW
Sleep
GetCurrentProcess
GetCPInfo
GetVersion
GetModuleHandleA
GlobalLock
GetLastError
SetThreadAffinityMask
GetStartupInfoA
SetHandleCount
SetConsoleScreenBufferSize
GetSystemDirectoryW
LockResource
GetTimeZoneInformation
OpenMutexA
RtlUnwind
GetCurrentThreadId
GetCompressedFileSizeA
FreeEnvironmentStringsW
CreateMailslotA
GetDiskFreeSpaceExW
GetFileAttributesExW
IsBadWritePtr
GetNamedPipeInfo
InterlockedDecrement
MoveFileExW
CompareStringW
HeapFree
LocalLock
CreateMutexW
CreateMutexA
SetFileAttributesW
GetConsoleOutputCP
ReadFile
GetCommandLineA
GlobalFindAtomA
ExitProcess
SetFileAttributesA
HeapDestroy
InterlockedIncrement
RtlFillMemory
CloseHandle
LeaveCriticalSection
GetConsoleCursorInfo
OpenEventA
EnumCalendarInfoW
LCMapStringA
FindResourceExA
GetStdHandle
FindResourceA
VirtualFree
GetSystemTime
FindNextFileW
GetProcAddress
GetTickCount
TerminateProcess
WriteConsoleOutputW
FreeEnvironmentStringsA
HeapReAlloc
lstrcmpW
GetVolumeInformationA
GetEnvironmentStrings
VirtualAlloc
SetLastError
CreateFileA
GetACP
CopyFileA
GetNamedPipeHandleStateW

comctl32

DrawStatusTextW
CreateStatusWindowW
ImageList_LoadImage
InitCommonControlsEx
ImageList_GetImageCount
CreateUpDownControl
CreateStatusWindowA
ImageList_GetBkColor
DrawInsert
ImageList_DragEnter
ImageList_SetIconSize
ImageList_AddIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
DrawStatusTextA
ImageList_DragMove

shell32

DoEnvironmentSubstA

gdi32

ExtSelectClipRgn
ExtEscape
OffsetClipRgn
CancelDC
SetLayout
PolylineTo
ExtTextOutA
SetPixel
PolyBezier
BitBlt
GetFontLanguageInfo
LPtoDP
EnumObjects

user32

GetUserObjectInformationW
TabbedTextOutW
TabbedTextOutA
SendMessageW
WinHelpW
ModifyMenuW
GetDlgCtrlID
SetCaretBlinkTime
IsMenu
RegisterClassExA
DlgDirSelectComboBoxExA
DefMDIChildProcA
GetWindowContextHelpId
EnumPropsA
RegisterDeviceNotificationA
DestroyWindow
EndDialog
LoadIconA
OemToCharA
EnumDesktopsA
MapVirtualKeyA
SetWindowsHookExA
LockWindowUpdate
SendMessageA
GetKeyNameTextW
ShowWindow
CreateWindowExA
MessageBoxW
RegisterClassA
DefWindowProcW
ChangeDisplaySettingsExA
SetWindowTextW
SwapMouseButton
GetInputDesktop
GetUserObjectInformationA

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7cf0da67ddd51d91f8259fa849c0542

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

shell32

gdi32

user32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 96KB - Virtual size: 93KB

.data Size: 92KB - Virtual size: 96KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 96KB - Virtual size: 93KB

.data
Size: 92KB - Virtual size: 96KB

.rsrc
Size: 24KB - Virtual size: 23KB