86d08b10b4379ab36d584266e38d8bed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86d08b10b4379ab36d584266e38d8bed_JaffaCakes118
Size

675KB
MD5

86d08b10b4379ab36d584266e38d8bed
SHA1

b4ebdeb81437a39c856ff47e7cd92312e52739bc
SHA256

5696b77981f7f1b3e341e35553326e93ba34e1b3edba5336de480d3bd748afbe
SHA512

f581ac7b937a7cfd3b96be499bafb88c18926978b17d8ceca627140a41e759937fd690d8c99b9d0f31286b0d70e1919e8ade9f02b9d3e8dfd9235d09f3981732
SSDEEP

12288:DIAxogD/iOBC9ds3jKbS/6FMpwvzGZZMtYB85qYsPWezC2JHTuHIb0ofwLSUQ:DV5iOBC9u3jAy6gReYoqYteOQSIb0Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86d08b10b4379ab36d584266e38d8bed_JaffaCakes118

Files

86d08b10b4379ab36d584266e38d8bed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77f4271caf81fe0cfbeb4d120e0f7a36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\jnvuryr\ewuzp\ozbdgb.pdb

Imports

kernel32

CreateDirectoryExW
DeleteAtom
GetModuleFileNameW
HeapCreate
GetConsoleCP
FlushFileBuffers
LCMapStringA
SetLocaleInfoA
RtlFillMemory
GetLastError
GetFileType
QueryPerformanceCounter
VirtualLock
CreateWaitableTimerW
GetStdHandle
lstrcmp
GetThreadPriority
LocalSize
WaitForMultipleObjects
lstrcatW
WriteFile
CreateDirectoryA
EnumSystemLocalesA
ConnectNamedPipe
OpenMutexW
OpenMutexA
SetEnvironmentVariableA
GetCommandLineA
LoadLibraryA
WriteConsoleOutputW
CompareStringW
CreateFileA
ReadConsoleOutputA
ReadConsoleOutputAttribute
EnumSystemCodePagesW
GetConsoleOutputCP
GetExitCodeThread
InterlockedExchange
RtlUnwind
GetModuleHandleW
SetCurrentDirectoryA
GetStringTypeW
GetCommandLineW
TerminateProcess
SetThreadAffinityMask
GetCurrentProcess
IsValidCodePage
GetConsoleMode
TlsAlloc
GetCurrentThread
ReadConsoleA
GlobalFindAtomA
SetEnvironmentVariableW
WritePrivateProfileStructA
IsValidLocale
HeapAlloc
TlsGetValue
GetDateFormatA
GetLocaleInfoW
LocalHandle
GetModuleFileNameA
FreeEnvironmentStringsW
HeapReAlloc
FreeLibrary
GetComputerNameA
SetHandleCount
MoveFileExW
lstrcpy
SetFilePointer
GetACP
GetStartupInfoA
OpenWaitableTimerA
GetCurrentThreadId
CloseHandle
GetProcessAffinityMask
ReadFile
GetOEMCP
GetCurrencyFormatW
SetConsoleCursorInfo
GetProcAddress
GetTimeFormatA
SetLastError
GetCurrentProcessId
GetProfileIntW
GlobalGetAtomNameW
EnterCriticalSection
GetLocaleInfoA
DeleteCriticalSection
VirtualQuery
GetModuleHandleA
TransactNamedPipe
FlushViewOfFile
HeapFree
WriteConsoleOutputA
FindNextFileA
CreateMutexA
SetPriorityClass
UnhandledExceptionFilter
DeleteFileA
GetCPInfo
OpenFileMappingW
VirtualAlloc
GetSystemInfo
WideCharToMultiByte
LocalLock
GlobalReAlloc
SetThreadPriority
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
WriteConsoleW
HeapDestroy
GetPrivateProfileStringA
VirtualFree
SetConsoleCtrlHandler
ExitProcess
MultiByteToWideChar
GetVolumeInformationW
GetTimeZoneInformation
GetProcessHeaps
GetTempPathA
LCMapStringW
CompareFileTime
IsDebuggerPresent
GetEnvironmentStringsW
VirtualProtect
InterlockedIncrement
GetStringTypeA
SetLocaleInfoW
GetTickCount
CompareStringA
HeapSize
SetUnhandledExceptionFilter
InterlockedDecrement
GetNamedPipeInfo
CreateDirectoryW
GetThreadLocale
GetThreadContext
Sleep
SetThreadIdealProcessor
TlsSetValue
CreateNamedPipeA
lstrcmpA
WriteConsoleA
LocalFileTimeToFileTime
GetConsoleCursorInfo
LeaveCriticalSection
ReadFileEx
IsBadReadPtr
MoveFileA
lstrlenA
FoldStringW
GetStartupInfoW
VirtualAllocEx
GetStringTypeExA
TlsFree
GetSystemTimeAsFileTime
SetStdHandle
FindResourceExW
SystemTimeToTzSpecificLocalTime
CreateFileW

user32

wsprintfA
CharToOemA
RegisterClassA
SetMenuItemInfoW
SwitchToThisWindow
GetWindowTextLengthW
RegisterClassExA
UpdateWindow
DdeReconnect
GetTopWindow
SetClipboardViewer
DrawAnimatedRects
CloseWindow
GetKBCodePage
GetInputDesktop
GetProcessWindowStation
LoadImageW
TranslateAcceleratorW
CloseWindowStation
SetWindowPlacement

wininet

InternetReadFileExW
GetUrlCacheEntryInfoA
CommitUrlCacheEntryW
ShowClientAuthCerts

comdlg32

ReplaceTextA

comctl32

ImageList_DragLeave
ImageList_Merge
ImageList_Write
InitCommonControlsEx
DrawStatusTextW
ImageList_SetBkColor
ImageList_SetDragCursorImage
InitMUILanguage

advapi32

LookupPrivilegeValueA

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77f4271caf81fe0cfbeb4d120e0f7a36

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

wininet

comdlg32

comctl32

advapi32

Sections

.text Size: 251KB - Virtual size: 251KB

.rdata Size: 249KB - Virtual size: 248KB

.data Size: 122KB - Virtual size: 129KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 251KB - Virtual size: 251KB

.rdata
Size: 249KB - Virtual size: 248KB

.data
Size: 122KB - Virtual size: 129KB

.rsrc
Size: 52KB - Virtual size: 51KB