94a473b3f6ddb96b51cd855dd3983975_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94a473b3f6ddb96b51cd855dd3983975_JaffaCakes118
Size

760KB
MD5

94a473b3f6ddb96b51cd855dd3983975
SHA1

3a2521eab4c9f6af781cfed6b0986cfdec7ce251
SHA256

2dd23e5c292c86e40a7c8e9dde1c69c9a4f49ee2c91a7a34cee558ea67e980fd
SHA512

4b25843a647cb9ee6788ee33c91fa321060a093ddf768a2117c2eed383e29233971aa38d96ac7ec1ccc94fbbeae631bb142fa7130dea97bc0df98a6d03676199
SSDEEP

12288:q2Dlamp44El/+iEwEqH2P8/yTB53lpi44jYuyrEkjN9dGCMCuZA9NqClj0lW5ZgH:xVp44q9Ew9szTBRiPjYdI4NvmSvmqDN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94a473b3f6ddb96b51cd855dd3983975_JaffaCakes118

Files

94a473b3f6ddb96b51cd855dd3983975_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36cfa748612071c26416c9c9a3ebea06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\pmovyava\xsez\

Imports

kernel32

GetTimeFormatA
IsValidCodePage
DeleteAtom
LoadModule
TlsSetValue
GetCurrentProcessId
GetACP
GetAtomNameA
MultiByteToWideChar
WriteFile
UnhandledExceptionFilter
GetTimeZoneInformation
HeapReAlloc
FreeEnvironmentStringsW
GetFileTime
GetProcAddress
LCMapStringW
HeapCreate
TerminateProcess
GetLocaleInfoA
GetCPInfo
GetFileAttributesExA
GetCurrentThread
HeapDestroy
TerminateThread
CommConfigDialogA
OpenMutexA
GetModuleHandleA
VirtualAlloc
EnterCriticalSection
TlsAlloc
SetConsoleCursorPosition
GetSystemInfo
VirtualProtect
LCMapStringA
CompareStringA
EnumCalendarInfoA
GetStringTypeW
VirtualQuery
SetConsoleCtrlHandler
LoadLibraryA
HeapSize
DeleteCriticalSection
GetVersionExA
SetLastError
GetCalendarInfoA
HeapLock
GetLogicalDrives
GetSystemTimeAsFileTime
ResetEvent
lstrcmp
GetStartupInfoA
SetEnvironmentVariableA
CompareStringW
GetModuleFileNameA
InterlockedExchange
TlsGetValue
SetConsoleTitleW
SetHandleCount
LoadLibraryW
IsBadWritePtr
GlobalCompact
OpenFileMappingW
ReadFile
GetStringTypeA
EnumResourceNamesW
HeapAlloc
GetTickCount
GetEnvironmentStrings
GetDateFormatA
GetFileType
GetModuleFileNameW
WideCharToMultiByte
IsBadReadPtr
GetEnvironmentStringsW
SetFilePointer
RtlUnwind
GetCurrentProcess
GetCommandLineW
GetFileSize
IsValidLocale
LockResource
GetStdHandle
GetLastError
LeaveCriticalSection
GetCurrentThreadId
VirtualFree
WaitCommEvent
CreateMutexA
FindFirstFileA
GetUserDefaultLCID
HeapFree
ExitProcess
GetOEMCP
CreateProcessW
GetCommandLineA
FreeEnvironmentStringsA
GetLocaleInfoW
DebugActiveProcess
QueryPerformanceCounter
SetStdHandle
FlushFileBuffers
CloseHandle
GetNamedPipeHandleStateW
GetNumberFormatA
GetStartupInfoW
GetSystemDirectoryW
EnumSystemLocalesA
InitializeCriticalSection
TlsFree

user32

DlgDirListW
MessageBoxA
RegisterClassA
LoadMenuW
SetWindowsHookExA
CreateWindowExA
DialogBoxIndirectParamW
RegisterClassExA
DefWindowProcW
DefWindowProcA
ChangeClipboardChain
GetKeyboardLayoutList
MapVirtualKeyA
GetDlgItemInt
GetMessageA
SetMenuDefaultItem
GetDlgItem
InsertMenuItemA
ShowWindow
DestroyWindow
GetClassInfoExA

comctl32

ImageList_GetBkColor
CreateMappedBitmap
ImageList_DrawEx
ImageList_LoadImageW
InitCommonControlsEx
ImageList_DragShowNolock
DestroyPropertySheetPage
DrawStatusTextA

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36cfa748612071c26416c9c9a3ebea06

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 404KB - Virtual size: 401KB

.data Size: 136KB - Virtual size: 140KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 404KB - Virtual size: 401KB

.data
Size: 136KB - Virtual size: 140KB

.rsrc
Size: 20KB - Virtual size: 16KB