44d2d5d175155894bb9d2c2cb32856b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44d2d5d175155894bb9d2c2cb32856b1_JaffaCakes118
Size

558KB
MD5

44d2d5d175155894bb9d2c2cb32856b1
SHA1

b3fff8090120bd39b9fd7ccc13494c1bf2c648c9
SHA256

9eb00c554ddca20a8199ad7b000778bb35f09b23259cdafd6b2d4ad083686dc7
SHA512

d1e16c27f7f7f67a118ca49b48899fcbac321727985856b2e7cce0dff7c05e571339f80d85e52b75a9caf31e580ada0d9f1aaad4a66b811d49b1df24b81f077c
SSDEEP

12288:jC76wgdxSVLXTupoPIC6Ucdffw0lkHiEh+OmpN:jTwkxS5XTyhC6dffJyLSN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44d2d5d175155894bb9d2c2cb32856b1_JaffaCakes118

Files

44d2d5d175155894bb9d2c2cb32856b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b163697e232cae3360614cba1fdb5be0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ttsrvekycc.pdb

Imports

user32

DrawStateA
GetScrollInfo
LoadImageW
RegisterClassA
RegisterClassExA
CreateWindowExA
LoadBitmapA
DefWindowProcW
MessageBoxA
DestroyWindow
GetSubMenu
GetClassInfoW
ReleaseCapture
ShowWindow
wvsprintfA

comctl32

ImageList_LoadImage
InitMUILanguage
ImageList_ReplaceIcon
CreateStatusWindowA
CreatePropertySheetPageW
ImageList_GetImageRect
ImageList_LoadImageW
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_DragLeave
InitCommonControlsEx
ImageList_GetImageCount
ImageList_Merge

shell32

InternalExtractIconListW
SHQueryRecycleBinW

kernel32

GetFileType
GetEnvironmentStringsW
GetLocaleInfoA
InterlockedExchange
CloseHandle
GetSystemTimeAsFileTime
GetCurrentThread
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
WriteFile
Sleep
GetLocaleInfoW
SetStdHandle
GetCommandLineA
GetTimeFormatA
HeapReAlloc
WriteConsoleA
HeapAlloc
LoadLibraryA
GetFileAttributesExW
DeleteCriticalSection
IsValidLocale
GetCurrentThreadId
HeapCreate
VirtualFree
GetStringTypeW
IsDebuggerPresent
CreateMutexA
QueryPerformanceCounter
GetEnvironmentStrings
GetStartupInfoA
IsValidCodePage
TlsGetValue
OpenFileMappingA
GetLastError
GetConsoleCP
SetLastError
EnterCriticalSection
HeapDestroy
LCMapStringA
TlsAlloc
EnumSystemLocalesA
SetConsoleCtrlHandler
FreeEnvironmentStringsW
RtlUnwind
WideCharToMultiByte
GetModuleHandleA
GetCurrentProcessId
CompareStringA
CompareStringW
GetDateFormatA
GetStringTypeA
HeapSize
GetTimeZoneInformation
SetFilePointer
GetACP
GetConsoleOutputCP
TlsFree
GetStringTypeExW
CreateFileA
ReadConsoleA
GetOEMCP
TlsSetValue
GetTickCount
LocalFlags
SetHandleCount
GetProcAddress
UnhandledExceptionFilter
FreeLibrary
GetConsoleMode
GetModuleFileNameA
VirtualAlloc
FlushFileBuffers
MultiByteToWideChar
InitializeCriticalSection
InterlockedIncrement
GetProcessHeap
GetCurrentProcess
GetCPInfo
SetEnvironmentVariableA
VirtualQuery
ReadFile
HeapFree
GlobalFix
InterlockedDecrement
WriteConsoleW
lstrlen
ExitProcess
GetUserDefaultLCID
TerminateProcess
LCMapStringW
SetComputerNameW
OpenMutexA
GetStdHandle
GetVersionExA
LeaveCriticalSection

wininet

DeleteUrlCacheContainerA
DetectAutoProxyUrl
FtpPutFileW
IsHostInProxyBypassList
FindFirstUrlCacheEntryA
FtpDeleteFileW

Sections

.text
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b163697e232cae3360614cba1fdb5be0

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

shell32

kernel32

wininet

Sections

.text Size: 311KB - Virtual size: 310KB

.rdata Size: 68KB - Virtual size: 93KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 73KB - Virtual size: 73KB

.text
Size: 311KB - Virtual size: 310KB

.rdata
Size: 68KB - Virtual size: 93KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 73KB - Virtual size: 73KB