45e144979946352c2cd7d1965fcd1ffa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45e144979946352c2cd7d1965fcd1ffa_JaffaCakes118
Size

724KB
MD5

45e144979946352c2cd7d1965fcd1ffa
SHA1

e114f0f900e82e2098ac8ecf9c23eff4c79b0d33
SHA256

6cb9431b4ee8cefd9804105ba0c26512b9496e758205e1dcf4e023a1323fc9dd
SHA512

9ddbfe32f850f10f184d597cf98071f076ac23f0850ec19c2a7a9e8acf3749f5d462b4b4a8a0769552d05ad6b376800efdffca1ddf1efe64130157cee879d1e0
SSDEEP

12288:uh37vhOw+HAPAmU/4VIHJtclmppFpH/7HdlO+3HLIOrco3aYHO:uh37sl2lk84tclmp5jLO+pV3vO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45e144979946352c2cd7d1965fcd1ffa_JaffaCakes118

Files

45e144979946352c2cd7d1965fcd1ffa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f23d8d7f552f0c1852b1d1e13c58de0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\suenon\qeelt

Imports

kernel32

TlsSetValue
GetTickCount
GetStringTypeW
VirtualFree
CreateWaitableTimerW
IsDebuggerPresent
LCMapStringW
GetEnvironmentStringsA
TlsFree
UnhandledExceptionFilter
GetModuleFileNameA
EnumSystemLocalesA
DebugBreak
GetVersion
GetSystemTimeAsFileTime
IsValidLocale
SetFilePointer
FlushFileBuffers
GetFileAttributesA
GlobalAlloc
GetConsoleMode
GetCommandLineA
GetStartupInfoW
MapViewOfFile
EnumResourceTypesA
InterlockedDecrement
Sleep
GetProcessHeap
EnumResourceTypesW
QueryPerformanceCounter
SetTimeZoneInformation
GetFileAttributesExW
WriteConsoleA
WriteFile
VirtualAlloc
GetTimeZoneInformation
GetConsoleCP
InitializeCriticalSection
GetModuleHandleA
RtlUnwind
InterlockedIncrement
GetLastError
GetDateFormatA
InterlockedExchange
GlobalCompact
GetVersionExA
GetProcAddress
GlobalLock
CreateMutexA
ReadFile
GetStartupInfoA
GetCurrentThreadId
FreeLibrary
CloseHandle
SetLocaleInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapReAlloc
GetStdHandle
TerminateProcess
HeapDestroy
CompareStringA
GetCurrentThread
HeapFree
TlsGetValue
SetConsoleTitleA
VirtualQuery
GetStringTypeA
GetLocaleInfoA
CreateDirectoryA
SetConsoleMode
ExitProcess
EnumSystemLocalesW
GetLocaleInfoW
FindClose
ExitThread
LCMapStringA
DeleteCriticalSection
FreeEnvironmentStringsW
HeapSize
HeapCreate
SetEnvironmentVariableA
MoveFileExW
WaitForSingleObjectEx
SetUnhandledExceptionFilter
GetConsoleOutputCP
GetTimeFormatA
SetHandleCount
GetEnvironmentStringsW
SetStdHandle
GetOEMCP
LeaveCriticalSection
GetCurrentProcess
WriteConsoleW
GetUserDefaultLCID
VirtualFreeEx
WideCharToMultiByte
GetFileType
OpenMutexA
SetConsoleCursorPosition
GetACP
SetLastError
LoadLibraryA
HeapAlloc
GetCurrentProcessId
IsValidCodePage
CompareStringW
GetProfileSectionA
EnterCriticalSection
TlsAlloc
IsBadWritePtr
GetCPInfo
SetConsoleCtrlHandler
CreateFileA
MultiByteToWideChar

comctl32

ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_GetDragImage
ImageList_GetFlags
ImageList_Write
CreateStatusWindowW
ImageList_DragEnter
ImageList_Add
CreateStatusWindow
CreateToolbarEx
ImageList_DrawIndirect
CreatePropertySheetPage
ImageList_Create
CreateUpDownControl
InitMUILanguage
ImageList_DragMove
ImageList_Merge
ImageList_GetBkColor
InitCommonControlsEx
CreateToolbar
ImageList_SetFlags
ImageList_SetIconSize
CreateStatusWindowA

user32

LoadIconA
DestroyWindow
DrawFrameControl
IsRectEmpty
GetDlgItem
MessageBoxA
OpenWindowStationA
GetKeyboardState
RegisterClassA
LockWindowUpdate
GetMenuContextHelpId
SetClassLongA
OemKeyScan
IsDialogMessage
GrayStringA
RegisterClassExA
CreateWindowExW
GetWindowWord
ShowWindow
CloseWindow
DefWindowProcA
GetMessagePos
CreateDesktopA
GetMenuItemCount
GetScrollPos
SetMenuContextHelpId
EditWndProc
MessageBeep
DdeInitializeW
ToUnicode

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f23d8d7f552f0c1852b1d1e13c58de0

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 456KB - Virtual size: 452KB

.data Size: 132KB - Virtual size: 134KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 456KB - Virtual size: 452KB

.data
Size: 132KB - Virtual size: 134KB

.rsrc
Size: 36KB - Virtual size: 35KB