467ef7739217bdaedb40719e04890bbc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

467ef7739217bdaedb40719e04890bbc_JaffaCakes118
Size

701KB
MD5

467ef7739217bdaedb40719e04890bbc
SHA1

f03c0ed15f0bb21685dbb8edc746d64e938e5dcd
SHA256

10b77f0dbce767bf0ebe9cc9bfb233c230cd630fc6833e9f9712d4984dfe4108
SHA512

cd31d83bd5fb8c0951173a6ecd2ef940a4378a85ecb375ad8caa6d53d129708b064fe2197aca8d4563d4c7687c82c5c14217ef886a41ac5eee4a3a13b1d70ddd
SSDEEP

12288:s2xB9Ynf+MCAv3rqs8KPylExjqy2xi1VAnu0E1zxsDWZZre5CxUEFIU:sLfVCGPTmy2YqntEZhZY0FIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
467ef7739217bdaedb40719e04890bbc_JaffaCakes118

Files

467ef7739217bdaedb40719e04890bbc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c169a515d550a140b15f0de69c784de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\amnefet\ote.pdb

Imports

user32

DdeKeepStringHandle
DdePostAdvise
RegisterClassExA
MessageBoxA
CallMsgFilterW
RegisterClassA

kernel32

GetEnvironmentStrings
HeapReAlloc
HeapCreate
EnterCriticalSection
GetFileType
CreateFileA
GetStringTypeA
CompareStringW
ReadFile
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
SetFilePointer
GetCurrentThread
CloseHandle
TlsSetValue
lstrcatA
GetCPInfo
TlsFree
WriteConsoleA
SetEnvironmentVariableA
GetEnvironmentStringsW
EnumSystemLocalesA
InterlockedDecrement
GetLocaleInfoW
VirtualQuery
IsValidLocale
WaitNamedPipeA
MultiByteToWideChar
InterlockedExchange
VirtualAlloc
GetNamedPipeInfo
LeaveCriticalSection
GetACP
UnhandledExceptionFilter
RtlUnwind
InterlockedIncrement
DebugBreak
FreeEnvironmentStringsW
CreateMutexA
LoadLibraryW
GetLastError
GetTimeZoneInformation
ExitProcess
HeapValidate
GetPrivateProfileIntA
GetUserDefaultLCID
GetModuleFileNameW
QueryPerformanceCounter
GetModuleFileNameA
GetModuleHandleA
GetCurrentProcess
TlsAlloc
GetDateFormatA
GetStartupInfoW
GetStdHandle
SetConsoleCtrlHandler
GetCommandLineA
GetTimeFormatA
GetVersionExA
GetConsoleMode
LCMapStringW
SetHandleCount
GetFileAttributesExA
GetWindowsDirectoryW
GetCurrentThreadId
OutputDebugStringW
GetOEMCP
GetStartupInfoA
lstrcmpiA
GetLocaleInfoA
WideCharToMultiByte
WriteConsoleW
GetConsoleOutputCP
TerminateProcess
SetStdHandle
GetCommandLineW
HeapFree
GetStringTypeW
OpenMutexA
HeapAlloc
OutputDebugStringA
VirtualAllocEx
HeapDestroy
WriteFile
IsValidCodePage
GetProfileSectionA
IsDebuggerPresent
VirtualFree
lstrlenA
CompareStringA
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GlobalFlags
GetConsoleCP
LCMapStringA
GetTickCount
CreateDirectoryExW
GetProcAddress
FreeLibrary
TlsGetValue
GetCurrentProcessId
lstrcmpW
IsBadReadPtr
SetLastError
LoadLibraryA
GetProcessHeap
DosDateTimeToFileTime
GetSystemTimeAsFileTime
RaiseException

comctl32

InitCommonControlsEx

Sections

.text
Size: 466KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c169a515d550a140b15f0de69c784de

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 466KB - Virtual size: 466KB

.rdata Size: 98KB - Virtual size: 119KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 466KB - Virtual size: 466KB

.rdata
Size: 98KB - Virtual size: 119KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 27KB - Virtual size: 26KB