85b7145dda57b8c45064d701ed59733d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85b7145dda57b8c45064d701ed59733d_JaffaCakes118
Size

505KB
MD5

85b7145dda57b8c45064d701ed59733d
SHA1

f8f6b550247c9dc2ba17605584b8216d9756d5b6
SHA256

93ad9f75d4bbe947d18558e313a800b9eaa902552d9bc93118d02ee864c34d44
SHA512

021aa3d06871fd94d3f9b9ff489c4b3d6163abedb8a12f3e72128d228fb65036fba14cce5d574f429f7a81069cd0fa93ab983937ef93a2dd408c6894ae0e62e8
SSDEEP

12288:NpIsQKxpWg8xwKUNyrNkDEB7vp5Cw4GKpqzT:NxF8rNOM7vpxlKYT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85b7145dda57b8c45064d701ed59733d_JaffaCakes118

Files

85b7145dda57b8c45064d701ed59733d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2dc87ee591b734b3c3e2ddadc7cd567

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\vlec

Imports

kernel32

SetEnvironmentVariableA
GetEnvironmentStrings
GetTickCount
SetHandleCount
IsValidCodePage
GetFileType
CreateSemaphoreW
SetUnhandledExceptionFilter
OpenMutexA
GetLastError
LCMapStringA
EnterCriticalSection
GetModuleHandleW
SetStdHandle
GetLocaleInfoW
WriteFile
UnhandledExceptionFilter
InterlockedExchange
GetCurrentProcess
CloseHandle
GetDateFormatA
GetCommandLineA
GetConsoleOutputCP
IsValidLocale
GetACP
SetConsoleCtrlHandler
ExpandEnvironmentStringsW
CreateMutexA
LocalSize
GetOEMCP
FreeLibrary
IsDebuggerPresent
GetModuleHandleA
GetModuleFileNameA
GetConsoleMode
EnumSystemLocalesA
FlushFileBuffers
GetStartupInfoA
QueryPerformanceCounter
GetConsoleCP
CreateFileA
LCMapStringW
InterlockedIncrement
VirtualAlloc
FreeEnvironmentStringsA
CompareStringA
GetSystemTimeAsFileTime
InterlockedDecrement
WriteConsoleOutputCharacterA
GetCurrentThread
TlsGetValue
WriteConsoleA
HeapCreate
GetCurrentProcessId
VirtualFree
WideCharToMultiByte
GetCPInfo
WriteConsoleW
HeapSize
GetLocaleInfoA
RtlUnwind
GetProcessHeap
TerminateProcess
TlsSetValue
Sleep
HeapAlloc
ReadFile
SetFilePointer
CompareStringW
FreeEnvironmentStringsW
VirtualQuery
MultiByteToWideChar
LoadLibraryA
GetStringTypeW
HeapFree
GetProcAddress
LeaveCriticalSection
DeleteCriticalSection
GetStringTypeA
GetTimeFormatA
TlsAlloc
GetEnvironmentStringsW
SetLastError
TlsFree
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
ExitProcess
GetStdHandle
GetTimeZoneInformation
GetUserDefaultLCID
HeapDestroy

comctl32

CreateToolbar
ImageList_Replace
ImageList_Add
CreateUpDownControl
ImageList_GetIcon
InitCommonControlsEx
CreateMappedBitmap
ImageList_SetFlags
ImageList_LoadImageW
DrawStatusTextA
InitMUILanguage
_TrackMouseEvent

user32

RegisterClassExA
ShowWindow
GetSysColorBrush
SetMenuItemInfoW
RegisterClassA
MessageBoxA
CreateWindowExA
DestroyWindow
DefWindowProcA

shell32

SHChangeNotify
SHGetInstanceExplorer
ExtractAssociatedIconExW
SHFileOperationW
SHQueryRecycleBinA

wininet

GetUrlCacheHeaderData
DeleteUrlCacheGroup
HttpSendRequestExA

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2dc87ee591b734b3c3e2ddadc7cd567

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

shell32

wininet

Sections

.text Size: 175KB - Virtual size: 174KB

.rdata Size: 204KB - Virtual size: 232KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 204KB - Virtual size: 232KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 14KB - Virtual size: 14KB