4c75373eb172e827d5ede667efd3e41b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c75373eb172e827d5ede667efd3e41b_JaffaCakes118
Size

556KB
MD5

4c75373eb172e827d5ede667efd3e41b
SHA1

86262a5bb6babd566aedf13ade2b63809a216191
SHA256

3ac8188ad7b07cdcaff73563a67ec3d13daeb7886c1e0a5d547e6005d0e6d590
SHA512

b728668426d26b4a5e1e8a49bfe706fb2eae191fc800910a52d9559367440d84be973d20021f64edbc8e249fc5d13767df4e887283f2ae36df5e2603848e2a25
SSDEEP

12288:stylwMAi+kpb/9NhoBhlQT+3at0hTD3AmmTig/YKzebX:sZMAi++XhoBhuT+3aWP7g/YK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c75373eb172e827d5ede667efd3e41b_JaffaCakes118

Files

4c75373eb172e827d5ede667efd3e41b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b0e3ee94bc77ebfc22a2b6e3092c83a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\axgcs\dyjwdqir\

Imports

kernel32

OpenSemaphoreA
GetModuleHandleA
lstrlen
GetFileType
ReadFile
QueryPerformanceCounter
GetLocaleInfoA
VirtualFree
CloseHandle
TerminateProcess
SetLastError
OutputDebugStringA
GetStringTypeA
ResetEvent
GlobalCompact
HeapValidate
IsBadWritePtr
ContinueDebugEvent
OpenMutexA
SetHandleCount
GetLastError
GetStringTypeW
GetCommandLineA
SetStdHandle
RemoveDirectoryW
InterlockedIncrement
GetThreadLocale
GetCurrentThreadId
InitializeCriticalSection
HeapCreate
SystemTimeToTzSpecificLocalTime
lstrcatW
ExitProcess
FormatMessageA
VirtualProtectEx
GetLocalTime
GetStdHandle
GetFileSize
GetStartupInfoW
FlushViewOfFile
lstrcmpiW
SetFilePointer
GetCurrentProcess
EnterCriticalSection
GetSystemTimeAsFileTime
GetCPInfo
HeapAlloc
VirtualAlloc
SetLocalTime
GetVersion
InterlockedExchange
OpenSemaphoreW
RtlUnwind
FlushFileBuffers
LCMapStringW
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetProfileStringA
HeapDestroy
GetEnvironmentStringsW
HeapReAlloc
LeaveCriticalSection
InterlockedDecrement
GetUserDefaultLangID
DeleteCriticalSection
UnhandledExceptionFilter
HeapFree
CreateMutexA
VirtualQuery
CreateToolhelp32Snapshot
TlsFree
GetThreadTimes
LCMapStringA
GetFileAttributesExW
GetThreadContext
GetModuleFileNameW
GetCommandLineW
SetEnvironmentVariableA
GetCurrentThread
LoadLibraryA
HeapLock
WaitNamedPipeA
CompareStringW
SetThreadLocale
ReadConsoleOutputW
MoveFileExW
GetTickCount
TlsGetValue
GetProcAddress
GetEnvironmentStrings
GetModuleFileNameA
DeleteAtom
GetModuleHandleW
WriteFile
GetThreadSelectorEntry
lstrcpynW
TlsAlloc
GetCurrentProcessId
MultiByteToWideChar
LocalFileTimeToFileTime
GetSystemTime
GetProcessHeap
CompareStringA
GetStartupInfoA
OpenMutexW
WideCharToMultiByte
TlsSetValue
FreeEnvironmentStringsW
GetEnvironmentVariableA
GetTimeZoneInformation
WriteFileEx

shell32

SHGetPathFromIDListW
SHGetPathFromIDListA

advapi32

CryptEncrypt
RegOpenKeyExA
RegDeleteKeyA
LookupAccountSidA
ReportEventA
CryptSetHashParam
AbortSystemShutdownA
GetUserNameW
CryptEnumProviderTypesW
RegCreateKeyW

user32

CreateDialogIndirectParamW
DrawFocusRect
LoadCursorFromFileW
ToAsciiEx
GetUserObjectSecurity
ShowScrollBar
CheckMenuItem
PostQuitMessage
DdeKeepStringHandle
DdeConnectList
RegisterClassA
EnumDesktopsA
WindowFromDC
PaintDesktop
CharToOemW
GetMenuItemID
SetProcessDefaultLayout
CallMsgFilterW
SetDlgItemTextW
SetRectEmpty
wsprintfW
SetWindowLongA
CharUpperA
DdeNameService
WindowFromPoint
ChildWindowFromPointEx
EnumDisplayMonitors
GetCapture
MonitorFromWindow
BlockInput
SwitchDesktop
DdeDisconnectList
SetMenuItemInfoW
WINNLSEnableIME
SendMessageTimeoutW
GetMonitorInfoW
UnregisterClassA
TrackPopupMenu
LoadIconA
DdeUnaccessData
CopyAcceleratorTableW
RegisterHotKey
SetWindowPos
SetWindowPlacement
LoadCursorA
OpenIcon
GetKBCodePage
CharToOemBuffA
CallMsgFilterA
RemoveMenu
RegisterClassExA
GetCaretBlinkTime
wsprintfA

gdi32

ResetDCW
DeleteDC
DeleteObject
PlayMetaFile
ArcTo
GetDeviceCaps
UpdateColors
CreateDCW
GetObjectW
SelectObject
WidenPath
GetGraphicsMode

comctl32

CreatePropertySheetPageW
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Read
ImageList_GetImageInfo
ImageList_LoadImage
DrawInsert
ImageList_BeginDrag
InitCommonControlsEx

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b0e3ee94bc77ebfc22a2b6e3092c83a

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

advapi32

user32

gdi32

comctl32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 244KB - Virtual size: 240KB

.data Size: 116KB - Virtual size: 135KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 244KB - Virtual size: 240KB

.data
Size: 116KB - Virtual size: 135KB

.rsrc
Size: 40KB - Virtual size: 36KB