9511a80215d7c273a7972e460b0e41b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9511a80215d7c273a7972e460b0e41b5_JaffaCakes118
Size

1.2MB
MD5

9511a80215d7c273a7972e460b0e41b5
SHA1

a548daae2e19b58f2c0278b90055f6cfa9c3efa6
SHA256

372f325f969a893d209f4ccad42cf9ebff654a69a72c6ccfefcee1174f8902a4
SHA512

89b77d2cd92403a8a382b2f0449e378ae4c48cee9edb1ea58f5b94684c4245abead35045b2930225f6c4a55db5ea42e669352cb3106aab217f5fc83f395e5984
SSDEEP

24576:ovh+FuvaujRoBn6wlJ18EcqetSO5xHWTD:6h/sn6w9atDJWD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9511a80215d7c273a7972e460b0e41b5_JaffaCakes118

Files

9511a80215d7c273a7972e460b0e41b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e7890df4bc3d8f2ad8a44a052a11426

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\Projects\bladefx2\_projects\svetlograd\Release\Project.pdb

Imports

hge

hgeCreate

xmlparse

XML_SetUserData
XML_SetElementHandler
XML_SetCharacterDataHandler
XML_ParserCreate
XML_GetCurrentLineNumber
XML_GetErrorCode
XML_ErrorString
XML_ParserFree
XML_Parse

audiere

_AdrOpenSound@12
_AdrOpenSampleSource@8
_AdrOpenDevice@8

kernel32

SetEndOfFile
VirtualQuery
GetSystemInfo
VirtualProtect
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
QueryPerformanceCounter
QueryPerformanceFrequency
FindClose
OutputDebugStringA
GetVersionExA
Sleep
LocalFree
FormatMessageA
GetComputerNameA
GetLocaleInfoA
GlobalMemoryStatus
GetLastError
GetFileAttributesA
FindNextFileA
FindFirstFileA
GetFileSize
CloseHandle
ReadFile
WriteFile
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
GetSystemDefaultLCID
GlobalAlloc
GlobalUnlock
GlobalLock
DeleteFileA
CreateDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
WinExec
GetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
CreateFileA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
RtlUnwind
RaiseException
ExitProcess
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
IsBadWritePtr

user32

MessageBoxA
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 948KB - Virtual size: 947KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e7890df4bc3d8f2ad8a44a052a11426

Headers

File Characteristics

PDB Paths

Imports

hge

xmlparse

audiere

kernel32

user32

advapi32

shell32

Sections

.text Size: 948KB - Virtual size: 947KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 76KB - Virtual size: 85KB

.rsrc Size: 12KB - Virtual size: 9KB

.drdata Size: 68KB - Virtual size: 68KB

.text
Size: 948KB - Virtual size: 947KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 76KB - Virtual size: 85KB

.rsrc
Size: 12KB - Virtual size: 9KB

.drdata
Size: 68KB - Virtual size: 68KB