417554dfbae8baec3407be7590145ea1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

417554dfbae8baec3407be7590145ea1_JaffaCakes118
Size

456KB
MD5

417554dfbae8baec3407be7590145ea1
SHA1

d75f403241ea054497776cbc086359d4051889b0
SHA256

76a39db9a33b21cf1b11b47a5e51a78287d3b644452f90aa494c1b02339a6e97
SHA512

2d1e58038a21adaacfa5679a3b73fd4d0e79693ad1ab0996ce7ea0ad7a8b2060a55a4cf29f32a819c8e1fc4d1d1edea27c898b46d47d806a2ea10899986cb4ea
SSDEEP

12288:i2Sqli1pkEec5ojJMVmOPpRTvwlXx8uAIth:i2Sv1pkDKOxW7slXx88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
417554dfbae8baec3407be7590145ea1_JaffaCakes118

Files

417554dfbae8baec3407be7590145ea1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a09f20b4086b5684d96f920f66fddd3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\redezyzka\mjyio.pdb

Imports

wininet

RunOnceUrlCache
InternetSetDialStateW
GetUrlCacheEntryInfoW
CreateUrlCacheContainerA
HttpQueryInfoW
FtpCommandA

user32

SwitchDesktop
DlgDirListComboBoxA
GetWindowContextHelpId
CreateAcceleratorTableW
IsZoomed
CreateMDIWindowA
MessageBoxA
RegisterDeviceNotificationA
SetCaretBlinkTime
LoadImageW
GetMenuStringW
RegisterHotKey
DefWindowProcA
RegisterClassExA
GetWindow
SetDebugErrorLevel
CreateWindowExW
TranslateAcceleratorW
UnregisterHotKey
GetClassNameA
ShowWindow
CascadeChildWindows
GetKeyNameTextA
DestroyWindow
ToAsciiEx
RegisterClassA
IsWindowUnicode
GetDialogBaseUnits
CopyAcceleratorTableA
DlgDirSelectComboBoxExW
EnumChildWindows
RemovePropA
GetTabbedTextExtentA
GetWindowTextLengthW

comdlg32

GetSaveFileNameW
ChooseFontA
LoadAlterBitmap

kernel32

FlushFileBuffers
GetEnvironmentStringsW
TlsFree
QueryPerformanceCounter
GetModuleFileNameA
GetCurrentProcessId
SetHandleCount
VirtualUnlock
SetFilePointer
TlsSetValue
GetCommandLineA
FillConsoleOutputCharacterA
SetLastError
TlsGetValue
LoadLibraryA
GetStringTypeW
GetCPInfo
WriteFile
GetCurrentThread
GetStartupInfoA
CloseHandle
GetProcessHeaps
CompareStringA
FreeEnvironmentStringsW
DeleteCriticalSection
EnterCriticalSection
GetTickCount
InterlockedExchange
ReadFile
TlsAlloc
GetACP
SetEnvironmentVariableA
EnumSystemLocalesA
IsBadWritePtr
LCMapStringW
GetSystemTimeAsFileTime
LeaveCriticalSection
GetDateFormatA
CompareStringW
LCMapStringA
VirtualQuery
FreeEnvironmentStringsA
TerminateProcess
GetModuleHandleA
SetStdHandle
HeapReAlloc
GetLocaleInfoW
GetUserDefaultLCID
GetTimeFormatA
GetCurrentThreadId
GetSystemInfo
GetLastError
VirtualFree
WideCharToMultiByte
VirtualAlloc
GetStdHandle
GetOEMCP
VirtualProtect
GetTimeZoneInformation
IsValidCodePage
MultiByteToWideChar
HeapAlloc
GetStringTypeA
HeapSize
OpenMutexA
HeapDestroy
GetLocaleInfoA
OpenFileMappingA
InitializeCriticalSection
GetVersionExA
ExitProcess
GetCurrentProcess
RtlUnwind
GetFileType
UnhandledExceptionFilter
GetEnvironmentStrings
IsValidLocale
CreateMutexA
WritePrivateProfileSectionA
HeapCreate
GetProcAddress
HeapFree

comctl32

CreateStatusWindowA
GetEffectiveClientRect
DrawStatusTextA
ImageList_SetFilter
ImageList_DragEnter
CreateToolbarEx
ImageList_Remove
ImageList_DragMove
ImageList_GetIconSize
ImageList_GetDragImage
InitCommonControlsEx
MakeDragList
CreateToolbar
ImageList_SetFlags
ImageList_Replace
ImageList_GetBkColor
ImageList_DragLeave
ImageList_SetOverlayImage
ImageList_BeginDrag
ImageList_SetImageCount
ImageList_Copy

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a09f20b4086b5684d96f920f66fddd3a

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

comdlg32

kernel32

comctl32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 96KB - Virtual size: 94KB

.data Size: 92KB - Virtual size: 103KB

.rsrc Size: 96KB - Virtual size: 95KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 96KB - Virtual size: 94KB

.data
Size: 92KB - Virtual size: 103KB

.rsrc
Size: 96KB - Virtual size: 95KB