8804ff991c340093688973f10035026d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8804ff991c340093688973f10035026d_JaffaCakes118
Size

456KB
MD5

8804ff991c340093688973f10035026d
SHA1

4715ff20560c5280f8cb4873767be5e1a4ce7a44
SHA256

533aaab2c2c8313f85eb3e5e6025a82c357c9734ca41b7dead6001bcd9a3ba83
SHA512

7c821e497ab17454a6ca0e79e3f90484ce00364014f9e3fd7c7bcd18decb06a241755fc21388ef46b23daa2ba58baadc998204e9ee0625f4983e64f237da4c55
SSDEEP

12288:oNADeIJEoUnU++HZ+xRFGJUg4BTcnTKyACgo:4ADeIJLnHQxCJUgEKlx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8804ff991c340093688973f10035026d_JaffaCakes118

Files

8804ff991c340093688973f10035026d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5e444f8db39fb348998b4d376e3a14f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\tvfsvb\ooghe\tdxwe\erto\tbeex\oobgops.pdb

Imports

user32

SetMenu
SetMenuContextHelpId
GetScrollInfo
GetSystemMenu
IsRectEmpty
UnhookWinEvent
GetSysColor
PostMessageW
GetDlgItemTextW
GetClassLongW
ValidateRect
DdeClientTransaction
DestroyWindow
GetWindowModuleFileNameW
DdeCreateStringHandleA
GetWindowInfo
FindWindowA
ShowWindow
CreateWindowExA
SendMessageTimeoutA
SetWindowLongA
VkKeyScanW
RegisterClassExA
BroadcastSystemMessage
DdePostAdvise
OemToCharW
RegisterClassA
SetMenuItemInfoW
GetKeyboardLayout
EmptyClipboard
CharLowerW
DialogBoxParamA
DefWindowProcA
OemKeyScan
GetKeyState
SetForegroundWindow
MessageBoxW
UnionRect
PostThreadMessageW
GetWindowTextW
TranslateMessage

comctl32

CreateUpDownControl
ImageList_EndDrag
ImageList_SetFlags
InitCommonControlsEx

shell32

InternalExtractIconListW

kernel32

EnterCriticalSection
FreeEnvironmentStringsA
TlsGetValue
GetStartupInfoA
GetCurrentProcess
HeapDestroy
HeapAlloc
SetUnhandledExceptionFilter
WriteConsoleW
LoadLibraryA
FreeEnvironmentStringsW
GetModuleFileNameA
GetLastError
FlushFileBuffers
DeleteCriticalSection
CloseHandle
QueryPerformanceCounter
GetTimeFormatA
GetTimeZoneInformation
GetTickCount
HeapSize
GlobalFree
VirtualFree
CreateFileA
GetOEMCP
GetCommandLineA
TerminateProcess
WideCharToMultiByte
GetSystemTimeAsFileTime
WriteFile
OpenEventW
GetVersionExA
Sleep
InitializeCriticalSection
FreeLibraryAndExitThread
LeaveCriticalSection
GetConsoleMode
GetUserDefaultLCID
GetStartupInfoW
CreateMutexA
HeapCreate
UnhandledExceptionFilter
SetLastError
SetStdHandle
TlsFree
GetStdHandle
FindResourceExW
HeapReAlloc
TlsAlloc
GetCurrentProcessId
EnumSystemLocalesA
CompareStringA
GetCommandLineW
MultiByteToWideChar
GetEnvironmentStringsW
HeapFree
GetStringTypeW
GetModuleHandleA
GetModuleFileNameW
ExitProcess
CompareStringW
LCMapStringW
RtlMoveMemory
LCMapStringA
InterlockedExchange
GetConsoleOutputCP
FreeLibrary
GetFileType
GetProcAddress
GetConsoleCP
GetLocaleInfoA
SetFilePointer
OpenMutexA
GetLocaleInfoW
ReadFile
WriteConsoleA
VirtualQuery
InterlockedIncrement
SetEnvironmentVariableA
GetCurrentThread
GetACP
IsDebuggerPresent
GetCurrentThreadId
InterlockedDecrement
SetConsoleCtrlHandler
GetDateFormatA
SetHandleCount
GetEnvironmentStrings
IsValidLocale
GetCPInfo
RtlUnwind
IsValidCodePage
TlsSetValue
GetStringTypeA
GetProcessHeap
VirtualAlloc

comdlg32

LoadAlterBitmap
PageSetupDlgW
GetFileTitleA

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5e444f8db39fb348998b4d376e3a14f

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

shell32

kernel32

comdlg32

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 140KB - Virtual size: 139KB

.data Size: 100KB - Virtual size: 115KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 140KB - Virtual size: 139KB

.data
Size: 100KB - Virtual size: 115KB

.rsrc
Size: 60KB - Virtual size: 56KB