4427a686a68e7438cb81a833836be3b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4427a686a68e7438cb81a833836be3b4_JaffaCakes118
Size

3.3MB
MD5

4427a686a68e7438cb81a833836be3b4
SHA1

5cbc809df5b7bed3d452b238c7422cad06e1ed60
SHA256

2ea3964aac01d79131ca24861948c86803f3b204f592101dbc1d0289c4395495
SHA512

20f342481fee57777c9f437eab1266d325789c1e0bc4392b3e826c6fd6a82bc6b9f4cf6e1c7c35641ca0b80599784aec43784931ba887d506c5b58c83ab8d6dd
SSDEEP

98304:zsLoMetbnARCY3dea2Rv6TgoZNBRJ8+4mXcHjCibtyTkZ:zsL5qnYx312E3/LJ8+40cHFbtHZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/freezyhd.exe

Files

4427a686a68e7438cb81a833836be3b4_JaffaCakes118
.rar
freezyhd.exe
.exe windows:4 windows x86 arch:x86

a08d0a3c1d1f4673feb6899c1b3492ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

InitializeCriticalSection
CloseHandle
WaitForMultipleObjects
SetEvent
CreateThread
WaitForSingleObject
ResetEvent
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CompareStringA
CompareStringW
LoadLibraryA
AreFileApisANSI
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
GetWindowsDirectoryA
SetFileAttributesA
SetFileAttributesW
RemoveDirectoryA
RemoveDirectoryW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
GetShortPathNameA
lstrlenA
GetFullPathNameA
GetFullPathNameW
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
FindClose
FindFirstFileA
FindFirstFileW
SetLastError
FindNextFileA
CreateFileA
CreateFileW
GetFileSize
SetFilePointer
ReadFile
SetFileTime
WriteFile
SetEndOfFile
CreateEventA
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateProcessA
GetCommandLineW
GetCurrentThreadId
HeapAlloc
DeleteCriticalSection
TlsSetValue
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize

user32

DestroyWindow
PostMessageA
ShowWindow
MessageBoxA
KillTimer
EndDialog
SendMessageA
GetDlgItem
SetTimer
MessageBoxW
SetWindowTextW
SetWindowTextA
LoadStringW
LoadStringA
CharPrevA
DialogBoxParamA
GetWindowLongA
SetWindowLongA

oleaut32

VariantClear
SysAllocString

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

a08d0a3c1d1f4673feb6899c1b3492ce

Headers

File Characteristics

Imports

comctl32

kernel32

user32

oleaut32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 6KB - Virtual size: 6KB