4ab6aa178fef8a798cedf5ec6b288530_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4ab6aa178fef8a798cedf5ec6b288530_JaffaCakes118
Size

588KB
MD5

4ab6aa178fef8a798cedf5ec6b288530
SHA1

deaac63b462dff4e704f19f2939c0b4803712093
SHA256

4796644ec23fb3c5296e41ca7650237530b3fe30d8ecd077e249f686625c3fc2
SHA512

f824c9f9cf99684aa9fe925681a4e9eecbbc10a5f792997d8e9f17bea56bae391e8ccc6bf98b62c12bda140b826b4eaf76faebf44076a4b5b18223b1f1cef04f
SSDEEP

12288:jAGp7OIBrtk6O4ELpca1rR0BJflQ6QQ+6e:bp7OorDOjaaTAJfZXe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ab6aa178fef8a798cedf5ec6b288530_JaffaCakes118

Files

4ab6aa178fef8a798cedf5ec6b288530_JaffaCakes118
.exe windows:4 windows x86 arch:x86

300ff80358c86dbc84d6f7928c65a25d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\zetozsuaft\ybgud.pdb

Imports

comctl32

ImageList_DragMove
CreateStatusWindow
ImageList_Copy
ImageList_Duplicate
ImageList_SetBkColor
CreatePropertySheetPage
InitCommonControlsEx

kernel32

EnumCalendarInfoExW
SetConsoleCursorInfo
IsValidCodePage
GetFileAttributesExA
WriteConsoleOutputAttribute
SetEnvironmentVariableA
SetFilePointer
TlsFree
GetStartupInfoA
CompareStringW
VirtualQuery
WritePrivateProfileStructW
SetLastError
GetProcAddress
EnterCriticalSection
GetFileType
GetLocaleInfoA
VirtualAlloc
IsBadWritePtr
GetACP
SetStdHandle
GetLastError
GetVersionExA
UnhandledExceptionFilter
GetStringTypeW
GetTimeZoneInformation
HeapDestroy
FreeEnvironmentStringsA
LCMapStringW
TlsGetValue
GetCurrentThread
CompareStringA
CreateSemaphoreA
CloseHandle
GetStringTypeA
GetCurrentProcessId
EnumSystemLocalesA
GetLocaleInfoW
GetEnvironmentStringsW
GetUserDefaultLCID
InterlockedExchange
ExitProcess
GetModuleHandleA
QueryPerformanceCounter
SuspendThread
GetTickCount
ReadFile
VirtualFree
RtlUnwind
VirtualProtect
GetSystemInfo
GetStdHandle
GlobalLock
GetDateFormatA
FlushFileBuffers
WriteFile
MultiByteToWideChar
HeapAlloc
GetCommandLineA
SetConsoleWindowInfo
DeleteCriticalSection
LCMapStringA
TlsSetValue
EnumDateFormatsExW
LoadLibraryA
GetSystemDirectoryW
TlsAlloc
HeapReAlloc
GetOEMCP
InitializeCriticalSection
IsValidLocale
OpenMutexA
GetTimeFormatA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapFree
HeapSize
LeaveCriticalSection
SetHandleCount
HeapCreate
CreateMutexA
EnumDateFormatsW
TerminateProcess
GetCurrentThreadId
GetModuleFileNameA
GetCPInfo
WideCharToMultiByte
GetCurrentProcess

user32

SendNotifyMessageW
DestroyWindow
DefWindowProcW
ShowWindow
GetKeyboardLayoutNameW
RegisterClassA
SetMenuDefaultItem
GrayStringA
SetProcessDefaultLayout
DdeCreateDataHandle
BroadcastSystemMessageW
LoadIconA
GetWindowTextA
DrawTextExW
SetCaretBlinkTime
CreateWindowExW
GetKeyState
GetWindowThreadProcessId
DispatchMessageW
LoadImageW
GetCursorInfo
RegisterClassExA
MessageBoxA
CallWindowProcA
MapVirtualKeyA
OpenWindowStationW
GrayStringW
SetThreadDesktop
DdeDisconnectList
GetWindowTextW

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

300ff80358c86dbc84d6f7928c65a25d

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 116KB - Virtual size: 128KB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 116KB - Virtual size: 128KB

.rsrc
Size: 56KB - Virtual size: 54KB