4988e9739c5f43994487dfe0e467c834_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4988e9739c5f43994487dfe0e467c834_JaffaCakes118
Size

576KB
MD5

4988e9739c5f43994487dfe0e467c834
SHA1

5b8ab0f4c4b482b6e18e7e5273818a2086834fc9
SHA256

b9d08e5d9e54ecfc4161a7b177c50e09877d1cbd0b5940b2dd3eee0f4b263b8a
SHA512

0bc47ee1aa39663c21d53e6f19bdba46a8fd88c39b5bda003401487fe422b7948a4baf100c553fa4897e5e8c7305f2c73542dfe17ad22849a9bc01841d33548b
SSDEEP

12288:dpT6Kqj/7xDLptG+TeG4Zb1/ZW4XfQRN5dy9UZDYBB:dYKqjDJ3411dQ7O9BB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4988e9739c5f43994487dfe0e467c834_JaffaCakes118

Files

4988e9739c5f43994487dfe0e467c834_JaffaCakes118
.exe windows:4 windows x86 arch:x86

524451fb98f04e55ae562c1bbe3bf2aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\sbqseost.pdb

Imports

kernel32

DeleteCriticalSection
GetEnvironmentStrings
WritePrivateProfileStringW
GetTimeZoneInformation
LoadLibraryA
GetShortPathNameA
LCMapStringW
InitializeCriticalSection
ExitProcess
EnumSystemLocalesA
OpenMutexA
TlsSetValue
GetProcAddress
FindAtomA
ReadFile
FlushFileBuffers
MultiByteToWideChar
VirtualQuery
GetModuleFileNameA
GetDateFormatA
EnumSystemLocalesW
SetFilePointer
SetHandleCount
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStringsW
VirtualUnlock
IsBadWritePtr
EnterCriticalSection
SetEnvironmentVariableA
VirtualAlloc
OpenSemaphoreA
TerminateProcess
GetStdHandle
RtlUnwind
FreeEnvironmentStringsW
UnhandledExceptionFilter
CreateProcessA
TlsFree
WriteFile
WideCharToMultiByte
GetCPInfo
GetOEMCP
VirtualFree
HeapFree
GetTimeFormatA
GetVersionExA
QueryPerformanceCounter
HeapAlloc
TlsAlloc
GetLastError
FlushInstructionCache
HeapReAlloc
HeapSize
IsValidLocale
GetTempFileNameA
GlobalFix
GetUserDefaultLCID
FindNextFileW
GetCurrentDirectoryA
CloseHandle
CreateMutexA
SetLastError
VirtualProtect
GetCurrentThread
GetCommandLineA
GetTickCount
GetLocaleInfoW
UnlockFileEx
GetStartupInfoA
SetStdHandle
GetFileType
CompareStringA
CompareStringW
OpenSemaphoreW
IsValidCodePage
GetCurrentThreadId
DeleteFiber
HeapDestroy
HeapCreate
GetCurrentProcessId
InterlockedExchange
GetACP
GetCurrentProcess
GetModuleHandleA
LeaveCriticalSection
GetStringTypeA
TlsGetValue
LCMapStringA
GetStringTypeW
GetSystemInfo
GetLocaleInfoA

comctl32

ImageList_GetImageInfo
ImageList_SetDragCursorImage
ImageList_DrawEx
ImageList_DragEnter
ImageList_GetImageRect
ImageList_LoadImageW
InitMUILanguage
DestroyPropertySheetPage
CreateStatusWindowA
ImageList_AddIcon
_TrackMouseEvent
ImageList_SetBkColor
ImageList_GetIcon
DrawStatusTextW
CreateToolbarEx
InitCommonControlsEx
CreateUpDownControl
CreateStatusWindow

user32

CreateWindowExA
DispatchMessageA
RegisterClassA
TranslateAccelerator
TrackPopupMenu
CloseWindow
CloseDesktop
GetMenuCheckMarkDimensions
InsertMenuA
UnregisterHotKey
LookupIconIdFromDirectory
ChangeDisplaySettingsExW
DefWindowProcA
CopyIcon
DestroyWindow
KillTimer
GetDlgItemInt
InflateRect
VkKeyScanExA
wsprintfW
LoadKeyboardLayoutW
RegisterClassExA
CreateDialogIndirectParamW
DrawStateA
DefWindowProcW
ReplyMessage
FlashWindowEx
CharPrevW
GetKeyNameTextW
SetClassLongA
ShowWindow
MessageBoxA
GetUpdateRect
GetMonitorInfoA
EnumPropsW
IsIconic

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

524451fb98f04e55ae562c1bbe3bf2aa

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 188KB - Virtual size: 185KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 112KB - Virtual size: 127KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 188KB - Virtual size: 185KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 112KB - Virtual size: 127KB

.rsrc
Size: 16KB - Virtual size: 14KB