719a617601f8b02d816c415e8548728e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

719a617601f8b02d816c415e8548728e_JaffaCakes118
Size

544KB
MD5

719a617601f8b02d816c415e8548728e
SHA1

87562e88f9ed3ca7c4bc24ad4d4d26cc8b42316a
SHA256

c3c7b595844dc2b410130053db1848f1593605c66437f9faf34fa2566d200b75
SHA512

bef7ec040bd5f957ee0df74b17280c77d2fd9af0c048f0cf8d7157d7bb5300ecb13d65d85df64af508053a39bede0689dc2ae8e8ae1ef982e754929582d8de8b
SSDEEP

12288:195OKdkqm5Ouq3T5vfgVJfKklNELGoSilIN0Z/JWU/4Cn+R:195DdEOuq3d0JfK6xoPG0Z/JfqR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
719a617601f8b02d816c415e8548728e_JaffaCakes118

Files

719a617601f8b02d816c415e8548728e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fd836530edd07bae0017ba32bcd4dcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\oeruesz\euoy

Imports

comctl32

ImageList_DragMove
ImageList_DragShowNolock
ImageList_SetImageCount
ImageList_GetImageInfo
CreateToolbar
CreateStatusWindow
InitCommonControlsEx
ImageList_GetBkColor
CreateToolbarEx
ImageList_Create
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_LoadImageW
GetEffectiveClientRect

shell32

DoEnvironmentSubstA
ShellExecuteW

kernel32

VirtualAlloc
GetEnvironmentStrings
ResumeThread
HeapFree
GetCurrentThread
VirtualFree
GetLogicalDriveStringsW
CloseHandle
GetSystemTime
EnterCriticalSection
SetTimeZoneInformation
DeleteCriticalSection
SetStdHandle
CreatePipe
FileTimeToDosDateTime
FormatMessageA
VirtualQuery
TlsAlloc
GetCurrentDirectoryW
GetStartupInfoA
CompareStringW
GetLastError
GetNamedPipeInfo
GetLocaleInfoA
WritePrivateProfileSectionW
GetTickCount
GetProcAddress
GetTimeZoneInformation
CreateWaitableTimerW
LoadLibraryA
GetCurrentThreadId
RtlUnwind
TerminateProcess
MultiByteToWideChar
lstrcat
GetCurrentProcess
LocalSize
MapViewOfFile
ReadConsoleOutputCharacterA
GetDiskFreeSpaceExA
SuspendThread
GetCurrencyFormatW
GlobalCompact
GetFileType
GetStringTypeW
QueryPerformanceCounter
lstrcmp
InterlockedIncrement
WriteFileEx
CompareStringA
InitializeCriticalSection
SetVolumeLabelA
GetLocalTime
TlsGetValue
LCMapStringA
FlushFileBuffers
DeleteAtom
SetCurrentDirectoryW
ReadFile
GetVersion
OpenMutexA
GetModuleFileNameA
OutputDebugStringA
GetSystemTimeAsFileTime
GetACP
HeapAlloc
SetEnvironmentVariableA
InterlockedDecrement
UnlockFileEx
FreeEnvironmentStringsA
GetTempFileNameA
WriteFile
TlsFree
OpenSemaphoreA
SleepEx
TlsSetValue
WideCharToMultiByte
LCMapStringW
ExitProcess
GetCurrentProcessId
GetProfileIntA
HeapReAlloc
FreeEnvironmentStringsW
GlobalAddAtomW
HeapLock
GetNumberFormatA
UnhandledExceptionFilter
GetProfileSectionA
SetConsoleTitleW
WriteProfileSectionW
GetOEMCP
GetThreadSelectorEntry
GetStdHandle
GetStringTypeA
HeapCreate
GetEnvironmentStringsW
lstrcmpA
WritePrivateProfileSectionA
IsBadWritePtr
GetFileAttributesA
LeaveCriticalSection
GetCommandLineA
GetMailslotInfo
HeapSize
CreateMutexA
RemoveDirectoryW
SetFilePointer
ContinueDebugEvent
GetConsoleScreenBufferInfo
SetHandleCount
HeapDestroy
GetCPInfo
SetLastError
InterlockedExchange
GetFileAttributesExA
GetModuleHandleA

user32

DefDlgProcW
RegisterClassA
CreatePopupMenu
DestroyWindow
SetParent
ValidateRect
PostThreadMessageW
RegisterClassExA
InvalidateRgn
CreateWindowExW
GetMenuInfo
CreateDesktopA
InSendMessageEx
ShowWindowAsync
OpenDesktopA
MessageBoxA
PostThreadMessageA
GetSystemMenu
DdeConnectList
ShowWindow
IsCharUpperW
DefWindowProcA

comdlg32

LoadAlterBitmap
ChooseColorA

wininet

InternetAttemptConnect
InternetSetDialStateA
FtpGetFileW
InternetSetDialStateW
FindFirstUrlCacheEntryExA

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fd836530edd07bae0017ba32bcd4dcc

Headers

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

comdlg32

wininet

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 248KB - Virtual size: 245KB

.data Size: 112KB - Virtual size: 128KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 248KB - Virtual size: 245KB

.data
Size: 112KB - Virtual size: 128KB

.rsrc
Size: 16KB - Virtual size: 15KB