48b9c8dcb22c1c9fc996f42a4715034d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

48b9c8dcb22c1c9fc996f42a4715034d_JaffaCakes118
Size

281KB
MD5

48b9c8dcb22c1c9fc996f42a4715034d
SHA1

66611f38e512566c920207cfb58166e12b918428
SHA256

1b8e7308bf812fd6c8717cd7e9a10ec656991c1fb021d8ccacabfa2859d8da5f
SHA512

e8822780461160a8deb084871dae0aca1e852faabdfa95eb05af7c5cfa1a70b437acb1a4a43dc269ff63976bb26262668b348c8219507491d7f662e2f2ff5f3f
SSDEEP

6144:YAAhIJn6/EnUsBojv6yJ5tJEv8P1PJevMMa2wKD3dU:HAhIB6CU/jv6I5tu8P1RevpZNU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48b9c8dcb22c1c9fc996f42a4715034d_JaffaCakes118

Files

48b9c8dcb22c1c9fc996f42a4715034d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb24cc74a9cfab58ed3b05d59d2606f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\AOKMRO\EPMSBBB\HYEFNCV\FIRH\SQEG\CTSZTELUS.PDB

Imports

kernel32

VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetCommandLineA
GetCurrentThread
VirtualQuery
SetFilePointer
GetEnvironmentStrings
TlsAlloc
GetPrivateProfileStringW
GetACP
GetModuleHandleA
TlsSetValue
OpenMutexA
GetStringTypeW
TerminateProcess
FlushFileBuffers
WideCharToMultiByte
InterlockedDecrement
VirtualAlloc
GetLastError
LoadLibraryA
GetLocaleInfoA
UnhandledExceptionFilter
HeapReAlloc
GetSystemDefaultLangID
GetCPInfo
ExitProcess
QueryPerformanceCounter
GetTimeZoneInformation
IsBadWritePtr
RtlUnwind
ReadFile
GetLocalTime
ReleaseMutex
GetStringTypeA
GetCurrentThreadId
GetProcAddress
InitializeCriticalSection
HeapCreate
HeapAlloc
HeapFree
WriteFile
TlsGetValue
CreateProcessW
GetVersion
LeaveCriticalSection
LCMapStringW
CompareStringA
CommConfigDialogA
GetFileType
TlsFree
DeleteCriticalSection
FreeEnvironmentStringsW
FindAtomA
InterlockedIncrement
GetOEMCP
InterlockedExchange
GetCurrentProcessId
GetEnvironmentStringsW
SetStdHandle
ReadConsoleOutputCharacterW
HeapDestroy
GetModuleFileNameA
VirtualQueryEx
GetStartupInfoA
GetSystemTimeAsFileTime
SetHandleCount
SetThreadAffinityMask
CreateMutexA
CloseHandle
MultiByteToWideChar
CompareStringW
GetSystemTime
EnterCriticalSection
SetLastError
LCMapStringA
ReadConsoleInputA
GetTickCount
GetCurrentProcess
FoldStringA
SetEnvironmentVariableA

user32

RegisterClassA
LoadIconW
OemToCharA
MessageBoxA
SetDeskWallpaper
ShowCursor
LoadAcceleratorsA
GetDialogBaseUnits
RegisterClassExA
DestroyWindow
DefWindowProcA
CreateWindowExW
DrawStateA
ShowWindow
GetMenuItemCount
GetClipboardData
DlgDirListA
GetGuiResources

gdi32

GetICMProfileA
SetTextJustification
ScaleViewportExtEx

comctl32

ImageList_Destroy
ImageList_Merge
InitMUILanguage
CreateToolbar
CreatePropertySheetPage
DrawStatusText
InitCommonControlsEx

shell32

ShellAboutW
ExtractAssociatedIconExW
SHGetSpecialFolderPathW

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb24cc74a9cfab58ed3b05d59d2606f3

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comctl32

shell32

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 53KB - Virtual size: 71KB

.data Size: 89KB - Virtual size: 88KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 53KB - Virtual size: 71KB

.data
Size: 89KB - Virtual size: 88KB

.rsrc
Size: 19KB - Virtual size: 18KB