446b6a1953df184fc1755a8a38abd334_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

446b6a1953df184fc1755a8a38abd334_JaffaCakes118
Size

519KB
MD5

446b6a1953df184fc1755a8a38abd334
SHA1

5189d8bca9ba97bd038d3364e4a1d697912137cc
SHA256

30c0c91aa7f8af262cec44dac82f776bb0b1edb48fe199e841966747bf2230b2
SHA512

d62c338cc28808aad23ec5cbf6ff3ff15cda1db05b7edba90fb623068ba5b7fc8371500a2732a8083c50add9fca403f7712f00518873094491be182ff03fbdf8
SSDEEP

12288:FG8YGEx66N8b+CWqEOH0McTnsI1oLZm+NNylM/:FNYGEc6SbTarsI2M+qlM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
446b6a1953df184fc1755a8a38abd334_JaffaCakes118

Files

446b6a1953df184fc1755a8a38abd334_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d481b020618eb5b5a37eebafc84b8e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\freeoede\geeepewpke\egltqufl.pdb

Imports

kernel32

SetFilePointer
LeaveCriticalSection
DeleteCriticalSection
GetOEMCP
GetCurrentThreadId
TlsAlloc
SetStdHandle
CreateMutexA
OpenMutexA
HeapFree
GetCurrentThread
InitializeCriticalSection
TerminateProcess
GetStringTypeW
GetProcAddress
TlsFree
GetSystemTime
SetHandleCount
GetStartupInfoA
GetCommandLineA
GetVersion
InterlockedDecrement
GetEnvironmentStringsW
GetStringTypeA
GlobalAddAtomA
QueryPerformanceCounter
RtlUnwind
EnterCriticalSection
FreeEnvironmentStringsW
WriteFile
LCMapStringA
VirtualAlloc
GetCurrentProcessId
VirtualProtectEx
GetLocalTime
GetLastError
GetStdHandle
InterlockedExchange
GetTimeZoneInformation
MultiByteToWideChar
GetEnvironmentStrings
CompareStringW
GetModuleHandleA
TlsGetValue
InterlockedIncrement
GetModuleFileNameA
LCMapStringW
GetCurrentProcess
HeapAlloc
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
CloseHandle
GlobalAlloc
GetFileType
IsBadWritePtr
GetACP
SetLastError
WideCharToMultiByte
HeapCreate
FlushFileBuffers
UnhandledExceptionFilter
HeapDestroy
VirtualFree
TlsSetValue
ExitProcess
CompareStringA
SetEnvironmentVariableA
ReadFile
LockResource
SetConsoleActiveScreenBuffer
LoadLibraryA
FreeEnvironmentStringsA
HeapReAlloc
CreateRemoteThread
VirtualQuery

wininet

FtpRenameFileA
InternetWriteFileExA
DetectAutoProxyUrl

comctl32

CreateStatusWindowW
ImageList_SetFlags
GetEffectiveClientRect
ImageList_Duplicate
ImageList_GetDragImage
DrawStatusTextW
ImageList_GetIconSize
ImageList_Read
ImageList_DragMove
ImageList_AddIcon
ImageList_Create
ImageList_EndDrag
ImageList_GetImageCount
ImageList_SetImageCount
CreatePropertySheetPageA
CreateToolbar
ImageList_LoadImageA
ImageList_Write
CreateStatusWindowA
InitCommonControlsEx
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_Remove
_TrackMouseEvent

advapi32

RegEnumKeyA
RegCreateKeyA
CreateServiceA
CryptSetProvParam
CryptSetProviderExA
CryptVerifySignatureA
RegConnectRegistryA
LookupAccountSidA
CryptGenKey
RegDeleteKeyA
ReportEventA
RegOpenKeyW
RegSetValueExW
LogonUserW

user32

RegisterClassA
WindowFromDC
UnloadKeyboardLayout
GetThreadDesktop
RegisterClassExA
GetWindowTextLengthA
OemToCharBuffW
DestroyCaret
InsertMenuW
SetMessageExtraInfo
WinHelpA
SetForegroundWindow
InSendMessageEx
GetDoubleClickTime
FindWindowW
EnumPropsExW

gdi32

GetTextColor
GetStockObject
GetObjectA
GetTextMetricsA
EnumICMProfilesW
DeleteDC
GetEnhMetaFilePaletteEntries
SelectObject
GetRegionData
GetKerningPairsA
GdiSetBatchLimit
GetBoundsRect
SetBkColor
ResetDCW
StretchDIBits
SetViewportExtEx
SetPixel
CreateDCW
SetBitmapDimensionEx
GetDeviceCaps
DeleteObject
CreateICW
SetEnhMetaFileBits
GetDCOrgEx
GetFontData

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d481b020618eb5b5a37eebafc84b8e9

Headers

File Characteristics

PDB Paths

Imports

kernel32

wininet

comctl32

advapi32

user32

gdi32

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 201KB - Virtual size: 216KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 201KB - Virtual size: 216KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 69KB - Virtual size: 68KB