4b6b25e73ed1dab6f1568f0bd13ce6f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b6b25e73ed1dab6f1568f0bd13ce6f0_JaffaCakes118
Size

705KB
MD5

4b6b25e73ed1dab6f1568f0bd13ce6f0
SHA1

1eac9f0854908d11e859b07f6c2bd570db067678
SHA256

2be39cd34d137fe6bb27315e3896083431ffea2fa1bdd36767a3ea763b38fc99
SHA512

9436f5e7767398307f4a4c6ccd0d078884b034836429c9ee41cd9c6f92dd38697d2ed0325b9154b3f745a1efe2ada79badb0cadc9d244282c320bd3c68436d06
SSDEEP

12288:AtOa372OAQIyxckpBfAkuYwZmcGRZEDwcTKvRQEEgSpAwq2wthhW:Atn7qacjwtZEh2vStmwEtH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b6b25e73ed1dab6f1568f0bd13ce6f0_JaffaCakes118

Files

4b6b25e73ed1dab6f1568f0bd13ce6f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ab6f4e6ae826245b0422384249e52aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\vetaegyv\jlgpk\cetasmkl\aoijkees.PDB

Imports

kernel32

GetLastError
CompareStringA
SetEnvironmentVariableA
GetUserDefaultLCID
LoadLibraryW
GetConsoleOutputCP
GetFileType
HeapAlloc
WaitForSingleObjectEx
IsValidCodePage
SetLastError
LCMapStringA
VirtualFree
GetCurrentProcess
EnterCriticalSection
CloseHandle
DebugBreak
TlsGetValue
VirtualQuery
EnumSystemLocalesA
TlsAlloc
GetCPInfo
GetConsoleCP
GetDateFormatA
HeapDestroy
RtlUnwind
SetStdHandle
FreeEnvironmentStringsW
TlsFree
HeapCreate
GetOEMCP
LCMapStringW
GetSystemTimeAsFileTime
HeapValidate
DeleteCriticalSection
VirtualAlloc
GetVersionExA
UnhandledExceptionFilter
InterlockedExchange
MultiByteToWideChar
IsBadReadPtr
GetCurrentThreadId
SetHandleCount
GetCurrentThread
HeapReAlloc
IsDebuggerPresent
FlushFileBuffers
lstrlenA
GetProcessHeap
InterlockedDecrement
GetTickCount
ExitProcess
GetCommandLineA
SetUnhandledExceptionFilter
OutputDebugStringW
OpenMutexA
GetEnvironmentStringsW
LoadLibraryA
InterlockedIncrement
OutputDebugStringA
IsValidLocale
WriteFile
WriteConsoleA
LeaveCriticalSection
GetCurrentProcessId
GetACP
InitializeCriticalSection
GetStartupInfoA
GetLocaleInfoA
FreeEnvironmentStringsA
CreateMutexA
GetConsoleMode
GetStringTypeW
CreateFileA
GetModuleHandleA
GetTimeZoneInformation
GetProcAddress
GetTimeFormatA
FreeLibrary
CompareStringW
GetModuleFileNameW
QueryPerformanceCounter
CreateDirectoryExA
RaiseException
WideCharToMultiByte
GetLocaleInfoW
GetEnvironmentStrings
WriteConsoleW
HeapFree
GetStringTypeA
GetModuleFileNameA
SetFilePointer
TlsSetValue
ReadFile
SetConsoleCtrlHandler
GetStdHandle
TerminateProcess

comdlg32

FindTextA
PageSetupDlgW
GetFileTitleA

user32

FlashWindowEx
RegisterClassExA
FindWindowA
RegisterClassA

gdi32

CreateBitmap
Arc
SetMapperFlags
CreateDCW
CreateColorSpaceW
SetWinMetaFileBits
GetRasterizerCaps
DescribePixelFormat
GetFontData
GetFontLanguageInfo
OffsetClipRgn
GetTextAlign
DeviceCapabilitiesExW
SetBrushOrgEx
DeleteDC
RestoreDC
ExtTextOutA
GetDeviceCaps
GetViewportExtEx
GetCharacterPlacementA
EnumFontFamiliesA

advapi32

RegDeleteValueA
LogonUserA
CreateServiceA
LookupPrivilegeNameW
CryptSetKeyParam
InitiateSystemShutdownW
CryptDeriveKey
CryptDuplicateHash
LookupSecurityDescriptorPartsW
RegEnumValueA
LookupPrivilegeDisplayNameW
RegConnectRegistryW
CryptSetProviderExA
GetUserNameA

comctl32

InitCommonControlsEx

shell32

DragQueryFileAorW

Sections

.text
Size: 477KB - Virtual size: 477KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ab6f4e6ae826245b0422384249e52aa

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

user32

gdi32

advapi32

comctl32

shell32

Sections

.text Size: 477KB - Virtual size: 477KB

.rdata Size: 95KB - Virtual size: 110KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 477KB - Virtual size: 477KB

.rdata
Size: 95KB - Virtual size: 110KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 14KB - Virtual size: 14KB