4c5dfe05197d400729979b9142009893_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c5dfe05197d400729979b9142009893_JaffaCakes118
Size

384KB
MD5

4c5dfe05197d400729979b9142009893
SHA1

291cee6a47cd4224176a152a8f1bd416afccaff8
SHA256

3a401eff6d254e7bce29a03bd723663f95dbd1a4f975558de10581fb43ccf461
SHA512

653cf9b202d2616ba6e12a798db96b37d3aea9a9c84f6e10bd51f6b99ac7858e24acba7ee4da6f9d9037bcd0d40edd50fc11e53be470bccf0dfb2b86d18cada2
SSDEEP

6144:hnTDoGeSPA9/49qUrf0kkbl7vOMNmVjuBrpsyJ41GqAQ8YEYAItN:hnTDXPA149qrkk9mVmrpXoHOYEYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c5dfe05197d400729979b9142009893_JaffaCakes118

Files

4c5dfe05197d400729979b9142009893_JaffaCakes118
.exe windows:4 windows x86 arch:x86

190bb1aec0048466aa3135e5586ebc51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\pqzssxeabk\tcpavd\uuey\lusvjcxh.pdb

Imports

user32

RegisterClassExA
GetScrollBarInfo
TrackPopupMenuEx
UnhookWindowsHook
SetShellWindow
GetTitleBarInfo
SetTimer
DialogBoxIndirectParamA
WINNLSEnableIME
InsertMenuItemA
FlashWindowEx
SetWindowTextA
RegisterClassA
EnumDisplaySettingsExA
LoadKeyboardLayoutW
DestroyAcceleratorTable
SendMessageTimeoutW

comctl32

ImageList_GetImageInfo
DrawInsert
InitCommonControlsEx
ImageList_EndDrag

kernel32

GetTimeZoneInformation
SetUnhandledExceptionFilter
GetDateFormatA
ExitProcess
MoveFileA
GetCurrentThread
GetStartupInfoW
GetProcAddress
RemoveDirectoryW
UnhandledExceptionFilter
GetLastError
GetFileType
HeapLock
CommConfigDialogW
GetFileAttributesW
EnumSystemLocalesA
WriteFile
FreeEnvironmentStringsW
SetLastError
GetVersionExA
GetModuleFileNameW
GetVolumeInformationW
FreeEnvironmentStringsA
VirtualFree
IsValidLocale
GetStdHandle
DeleteCriticalSection
EnterCriticalSection
HeapReAlloc
ReadFile
TlsSetValue
LoadLibraryA
EnumTimeFormatsW
FreeLibrary
Sleep
FlushFileBuffers
GetLocaleInfoA
SetConsoleCursorInfo
TlsAlloc
GetCPInfo
TlsFree
SetStdHandle
LockResource
HeapCreate
InterlockedDecrement
SetConsoleCtrlHandler
HeapAlloc
OpenMutexA
HeapFree
LocalFree
GetSystemTimeAsFileTime
GetProcessHeap
QueryPerformanceCounter
CreateFileA
GetConsoleCP
GetSystemInfo
GetCurrentThreadId
GetTimeFormatA
SetEndOfFile
LCMapStringW
HeapSize
GetCommandLineW
GetTickCount
IsValidCodePage
LeaveCriticalSection
GetCurrentProcessId
ContinueDebugEvent
CompareStringW
GetOEMCP
WideCharToMultiByte
GetTimeFormatW
GetCurrentProcess
GetEnvironmentStrings
SetHandleCount
GetConsoleMode
InitializeCriticalSection
SleepEx
TlsGetValue
GetStringTypeW
VirtualQuery
VirtualAlloc
LCMapStringA
RtlUnwind
FileTimeToSystemTime
SetEnvironmentVariableA
WriteConsoleW
LoadLibraryW
CompareStringA
InterlockedIncrement
SetConsoleOutputCP
GetACP
GetConsoleOutputCP
CreateDirectoryA
TerminateProcess
GetStartupInfoA
SetFilePointer
GetLocaleInfoW
GetEnvironmentStringsW
GetCommandLineA
WriteConsoleA
InterlockedExchange
CreateMutexA
OutputDebugStringA
WriteProfileSectionW
GetModuleHandleA
CloseHandle
GetStringTypeA
IsDebuggerPresent
GetModuleFileNameA
GetUserDefaultLCID
HeapDestroy
MultiByteToWideChar

comdlg32

PageSetupDlgW
ReplaceTextW
GetFileTitleW
PageSetupDlgA

Sections

.text
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

190bb1aec0048466aa3135e5586ebc51

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

comdlg32

Sections

.text Size: 250KB - Virtual size: 249KB

.rdata Size: 16KB - Virtual size: 30KB

.data Size: 91KB - Virtual size: 91KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 250KB - Virtual size: 249KB

.rdata
Size: 16KB - Virtual size: 30KB

.data
Size: 91KB - Virtual size: 91KB

.rsrc
Size: 25KB - Virtual size: 24KB