62001bc16efc3d1f56f84c779138e4c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62001bc16efc3d1f56f84c779138e4c8_JaffaCakes118
Size

574KB
MD5

62001bc16efc3d1f56f84c779138e4c8
SHA1

552b6ce1a6f77ac233ab98148672c404cf3f8fe0
SHA256

9a9da46b5d77f20ad2c46fd97aa943468cc8e68c6fef76c25f3fa371eced25ad
SHA512

e4962a393ca03b9c8b21044f0c96c799a9b74df2cd61a326b70ad9092f39d0a57d690c45d4d2141b12b62e34cd3418af250910364695cc25621ab128a099de78
SSDEEP

12288:wfUA/mUbYpPh+ojecNFAEDks9Qth0+9VpWdi4KYh32SAwC:QUQmsYpPh+QecL5gG60+9Vpgi4KYEcC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62001bc16efc3d1f56f84c779138e4c8_JaffaCakes118

Files

62001bc16efc3d1f56f84c779138e4c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52a7bfdfbdb580e92ce803cc8838b92e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dvhe\bkgkffhumw\sxm

Imports

kernel32

InterlockedExchange
GetCurrentThread
GetConsoleOutputCP
CompareStringA
SetThreadPriority
GetEnvironmentStringsW
GetExitCodeProcess
GetSystemDirectoryA
DeleteCriticalSection
FreeLibrary
LCMapStringW
MultiByteToWideChar
GetModuleHandleW
ReadFile
WideCharToMultiByte
SetComputerNameW
CreateMutexA
GlobalAlloc
SetConsoleCtrlHandler
GetCurrentThreadId
ExitProcess
HeapAlloc
GetModuleHandleA
IsValidLocale
CreateFileA
LeaveCriticalSection
LCMapStringA
InitializeCriticalSectionAndSpinCount
VirtualAlloc
GetTempFileNameW
WriteConsoleA
IsValidCodePage
SetFilePointer
GetTimeFormatA
GetStartupInfoA
EnterCriticalSection
GetEnvironmentVariableA
RtlUnwind
FreeEnvironmentStringsW
GetUserDefaultLCID
HeapFree
GetConsoleCP
VirtualFree
InterlockedDecrement
IsBadWritePtr
IsDebuggerPresent
GetOEMCP
GetCurrentProcess
LoadLibraryA
UnhandledExceptionFilter
TlsAlloc
VirtualQuery
InterlockedIncrement
GetLastError
GetEnvironmentStrings
TlsFree
EnumSystemLocalesA
SetEnvironmentVariableA
InterlockedCompareExchange
HeapDestroy
TerminateProcess
Sleep
DebugActiveProcess
HeapReAlloc
FlushFileBuffers
GetLocaleInfoW
GetDateFormatA
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsGetValue
HeapSize
OpenFileMappingW
GetCommandLineA
WriteFile
GetLocaleInfoA
TlsSetValue
GetProcAddress
GetTickCount
SetLastError
GetTimeZoneInformation
SetUnhandledExceptionFilter
WriteConsoleW
GetStdHandle
CompareStringW
GetStringTypeW
HeapCreate
OpenMutexA
GetConsoleMode
CloseHandle
SetHandleCount
FreeEnvironmentStringsA
QueryPerformanceCounter
GetPrivateProfileSectionNamesW
GetCPInfo
SetStdHandle
GetModuleFileNameA
GetACP
GetFileType
GetStringTypeA

gdi32

GdiFlush
DeleteObject
CopyEnhMetaFileA
SetWindowExtEx
GetNearestColor
SelectClipRgn
CloseEnhMetaFile
PolyTextOutA
CreateICW
FixBrushOrgEx
GetNearestPaletteIndex
SetMagicColors
EnumFontFamiliesW
ColorMatchToTarget
GetPaletteEntries
FillRgn
UpdateColors
SetICMMode
GetDeviceCaps
CreateDCW
GetObjectW
DeleteDC
CreateICA
GetTextColor

user32

SetClassLongA
DefWindowProcW
CreateWindowExW
RegisterClassExA
MessageBoxA
GetPropW
GetKeyboardType
EnableMenuItem
HideCaret
DestroyWindow
SendMessageTimeoutA
EnumWindows
GetClassInfoW
RegisterClassA
GetTopWindow
DrawFrameControl
ShowWindow
GetKeyboardLayout

comctl32

ImageList_GetIconSize
InitCommonControlsEx

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52a7bfdfbdb580e92ce803cc8838b92e

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

comctl32

Sections

.text Size: 159KB - Virtual size: 158KB

.rdata Size: 250KB - Virtual size: 263KB

.data Size: 120KB - Virtual size: 120KB

.rsrc Size: 43KB - Virtual size: 42KB

.text
Size: 159KB - Virtual size: 158KB

.rdata
Size: 250KB - Virtual size: 263KB

.data
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 43KB - Virtual size: 42KB