d:\esb
Static task
static1
Behavioral task
behavioral1
Sample
62c06fba7ed1261037effaf185934934_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
62c06fba7ed1261037effaf185934934_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
62c06fba7ed1261037effaf185934934_JaffaCakes118
Size
532KB
MD5
62c06fba7ed1261037effaf185934934
SHA1
90219719e4a06cc995512ffdf6b6e4b06d3a66b3
SHA256
dabc4b739818e3756dc404438e009fe618c6c0d48e2c33af6d0b5961d87293b0
SHA512
722094e6d92e89d73f76be1e4b05f2ddee66db3a383f4c9e4ac3b44340ff954f4ab2ade8b737ced101dfccbc95a841178d08f1be84e4e89cdfa1f9eef04c2238
SSDEEP
12288:ek8R1IEp7zW9a1TyUwzr6COLgWA2zwMci7ZIOiXgL:f8LIEp7Cs1VwvvOXp7aXgL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 62c06fba7ed1261037effaf185934934_JaffaCakes118
Files
62c06fba7ed1261037effaf185934934_JaffaCakes118.exe windows:4 windows x86 arch:x86
a59c3ec37c0c4527bca78c5b35e607c0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdi32
DrawEscape
StartPage
CombineTransform
CreatePen
wininet
GopherGetAttributeW
GetUrlCacheConfigInfoW
InternetGetCookieA
comctl32
InitCommonControlsEx
user32
LockWindowUpdate
RemoveMenu
OffsetRect
EditWndProc
SendMessageTimeoutA
DrawFrame
GetWindowInfo
CharUpperW
LookupIconIdFromDirectory
RealChildWindowFromPoint
WinHelpW
SetClipboardViewer
GetDC
RegisterClassA
RegisterClassExA
GrayStringA
GetTabbedTextExtentW
AppendMenuA
DlgDirListComboBoxW
GetMenuItemInfoW
InflateRect
GetMenuInfo
comdlg32
GetOpenFileNameW
ChooseColorW
GetFileTitleW
ChooseColorA
kernel32
MultiByteToWideChar
GetSystemTimeAsFileTime
HeapDestroy
InterlockedExchange
HeapCreate
HeapAlloc
GetFileType
TerminateProcess
ExitProcess
UnhandledExceptionFilter
SetStdHandle
CreateThread
GetTimeZoneInformation
lstrcpyW
LoadLibraryA
FreeEnvironmentStringsA
GetStartupInfoA
GetCommandLineW
HeapFree
RtlUnwind
WideCharToMultiByte
GetEnvironmentVariableA
GetCommandLineA
DeleteCriticalSection
LocalUnlock
SetFilePointer
GetTickCount
SetHandleCount
GetCurrentProcess
GetStringTypeW
GetCurrentThreadId
EnterCriticalSection
CompareStringA
CreateMailslotW
CreateMutexA
GetCurrentProcessId
FindNextFileA
GetLastError
SetEnvironmentVariableA
GetDiskFreeSpaceExW
GetModuleFileNameW
GetVersion
CreateToolhelp32Snapshot
GetSystemTime
GetModuleHandleA
LeaveCriticalSection
GetStdHandle
VirtualLock
GetPrivateProfileSectionW
QueryPerformanceCounter
GetEnvironmentStringsW
GetProcAddress
GetShortPathNameW
lstrcpyA
ReadConsoleOutputCharacterA
LCMapStringW
VirtualQuery
InterlockedDecrement
SetConsoleCursorInfo
WriteFile
OpenMutexA
FreeEnvironmentStringsW
TlsSetValue
TlsAlloc
GetModuleFileNameA
IsBadWritePtr
GetEnvironmentStrings
GetCurrentThread
TlsFree
GetCPInfo
FoldStringA
LCMapStringA
InterlockedIncrement
HeapReAlloc
GetProcessHeap
GetStringTypeA
SetLastError
EnumDateFormatsExA
VirtualFree
TlsGetValue
GetStartupInfoW
FlushFileBuffers
CloseHandle
GetLocalTime
RaiseException
ReadFile
CompareStringW
EnumResourceNamesA
VirtualAlloc
InitializeCriticalSection
advapi32
CryptSetProviderExA
RevertToSelf
LookupPrivilegeNameA
CryptContextAddRef
RegEnumValueW
LookupPrivilegeDisplayNameW
RegQueryInfoKeyW
CryptReleaseContext
RegNotifyChangeKeyValue
LookupPrivilegeDisplayNameA
RegSetValueExA
LookupSecurityDescriptorPartsW
Sections
.text Size: 344KB - Virtual size: 344KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ