89f4b4f2792b996fd090d2f7bcd1e494_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89f4b4f2792b996fd090d2f7bcd1e494_JaffaCakes118
Size

323KB
MD5

89f4b4f2792b996fd090d2f7bcd1e494
SHA1

7fc952d824558d322aabddf32d3a4212a3bf043a
SHA256

49478327da75c27200ef38cfa2b1b5033b57b7bdfecf484f52cc4015c93825f4
SHA512

a12bb9442e9d66757c2b31041f68e1c1023647521091b19ba4e50b93b209a1f4fb7b215e537bb93664033db7b34ea56563515844b7924977a2761fb65e82e044
SSDEEP

6144:0BvmpMqiEEfxZEKPPF0J68FwvkMnyIJyrmgjZVb8:0NDAOWJpjIsrVZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89f4b4f2792b996fd090d2f7bcd1e494_JaffaCakes118

Files

89f4b4f2792b996fd090d2f7bcd1e494_JaffaCakes118
.exe windows:4 windows x86 arch:x86

debe6f5110697cc284e7de874a05479f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\dcqa\leocc\koja\rzamrun.pdb

Imports

kernel32

ExpandEnvironmentStringsW
GetProcAddress
MoveFileExW
GetStartupInfoA
InitializeCriticalSection
IsBadReadPtr
GetFileAttributesW
HeapAlloc
ReadFile
GetNamedPipeHandleStateA
OutputDebugStringW
GetVersionExW
WriteFile
FreeEnvironmentStringsW
SetThreadLocale
GlobalHandle
GetVersion
ExitProcess
SetThreadContext
GetStringTypeW
FreeEnvironmentStringsA
GlobalUnlock
CopyFileExA
WritePrivateProfileStringW
GetOEMCP
GetLongPathNameW
GetLogicalDriveStringsW
ReadConsoleOutputAttribute
GetStdHandle
GetCurrentProcessId
MoveFileA
FillConsoleOutputCharacterW
CloseHandle
GetLastError
GetFileType
WideCharToMultiByte
HeapFree
TlsGetValue
HeapDestroy
TerminateProcess
FindResourceExA
InterlockedDecrement
GetTimeZoneInformation
GetModuleFileNameA
DeleteAtom
GetProfileStringW
LCMapStringA
SetFileAttributesA
GetPrivateProfileStructW
LCMapStringW
GetCurrentThreadId
SetFilePointer
InterlockedExchange
GetModuleHandleA
GetCalendarInfoA
SetHandleCount
QueryPerformanceCounter
TlsAlloc
SetConsoleScreenBufferSize
WriteConsoleOutputW
WriteConsoleOutputA
VirtualFree
VirtualQuery
LoadLibraryA
GetNumberFormatW
InterlockedIncrement
AddAtomA
GetThreadSelectorEntry
CreateMutexA
HeapCreate
OpenSemaphoreW
MultiByteToWideChar
UnhandledExceptionFilter
GetLocalTime
GetThreadContext
FindResourceA
GetSystemDefaultLangID
GetPrivateProfileStringA
CreateMailslotW
GetProcessAffinityMask
DeleteCriticalSection
CompareStringA
GetTickCount
EnterCriticalSection
GetEnvironmentVariableA
EnumResourceLanguagesW
OpenMutexA
IsBadWritePtr
SetCriticalSectionSpinCount
RtlUnwind
SetConsoleCursorInfo
HeapReAlloc
GetCommandLineA
SetEnvironmentVariableA
FlushFileBuffers
EnumResourceNamesA
GetCPInfo
VirtualAlloc
GetEnvironmentStrings
GetCurrencyFormatW
CreateToolhelp32Snapshot
TlsFree
GetDiskFreeSpaceW
SetLastError
LockFile
FlushViewOfFile
GetSystemTime
CommConfigDialogW
SetStdHandle
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetACP
GetCurrentProcess
LeaveCriticalSection
TlsSetValue
CreateDirectoryA
GetStringTypeA
CompareStringW
HeapSize
FindFirstFileA
CreateNamedPipeW
GetCurrentThread
SetConsoleCtrlHandler

shell32

ShellExecuteA
SHFormatDrive

comctl32

ImageList_Read
CreatePropertySheetPageW
ImageList_GetFlags
DrawStatusTextW
ImageList_DrawIndirect
ImageList_SetFlags
CreateMappedBitmap
ImageList_LoadImage
_TrackMouseEvent
ImageList_DragLeave
ImageList_Merge
ImageList_GetIconSize
DrawInsert
ImageList_Remove
CreatePropertySheetPage
ImageList_DragShowNolock
CreateToolbar
ImageList_AddIcon
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_SetDragCursorImage
InitMUILanguage
ImageList_Duplicate
ImageList_Draw

user32

CreateDialogParamA
RegisterClassExA
RegisterDeviceNotificationW
CreateWindowExW
SetWindowLongA
GetShellWindow
ChildWindowFromPointEx
UnregisterDeviceNotification
GetActiveWindow
RegisterClassA
DefFrameProcA
TranslateMDISysAccel
IsCharLowerA
ModifyMenuA
GetMessageTime
FindWindowExW
MapWindowPoints
SendNotifyMessageA
DefWindowProcW
PostThreadMessageW
GetUserObjectInformationA
SetScrollPos
CallMsgFilter
DialogBoxIndirectParamW
MessageBoxW
EnumDisplayDevicesW
LoadMenuA
TileChildWindows
SetProcessWindowStation
BroadcastSystemMessageA
GetMessageExtraInfo
GetTitleBarInfo
ShowWindow
BringWindowToTop
OpenInputDesktop
DrawIcon
RegisterWindowMessageW
AnyPopup
DlgDirListComboBoxA
IsCharAlphaA
DefDlgProcW
CreateWindowExA
GetThreadDesktop
DestroyWindow
OpenClipboard
CreateCursor
SetCursorPos
GetDesktopWindow
GetDCEx
GetWindowThreadProcessId
WinHelpA
DrawCaption
RegisterDeviceNotificationA
SetWindowsHookExW
ChangeMenuA
ShowCursor
IsDlgButtonChecked

comdlg32

GetFileTitleW

gdi32

GetObjectType
DescribePixelFormat
CreateScalableFontResourceW

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

debe6f5110697cc284e7de874a05479f

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

comctl32

user32

comdlg32

gdi32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 90KB - Virtual size: 118KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 90KB - Virtual size: 118KB

.rsrc
Size: 14KB - Virtual size: 13KB