9675126225e044273eecc827225e64c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9675126225e044273eecc827225e64c4_JaffaCakes118
Size

601KB
MD5

9675126225e044273eecc827225e64c4
SHA1

2f26147f0ce810e9fbb8d61f6815773cab5d9f1f
SHA256

20be5f4a11e26f1bf439b2cb33e6aa940075eaf3ee4b7027fe45d8ecfea17b9b
SHA512

1e1ce5cebfb3a2afee2b7debb95efee9fef1fc48fd6c3b8cee91a3e996ba13ea7af644803d49e8bc2ed1a840280122a56a7cdbafc967e685764aa395eae8eddf
SSDEEP

12288:4p6f1u6q6vyiNaEocpaC4EUy5qyTxzSAQj9H3GAFJFiu:I6XvveEdqyT5SdWATFiu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9675126225e044273eecc827225e64c4_JaffaCakes118

Files

9675126225e044273eecc827225e64c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4386996716875201077de0663811ea6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\sewmeaqse\tzaffqe.PDB

Imports

kernel32

GetProcAddress
HeapFree
VirtualFree
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
GetCPInfo
FlushFileBuffers
UnhandledExceptionFilter
GetCurrentThreadId
OutputDebugStringW
InterlockedIncrement
GetConsoleCP
LoadLibraryW
GetModuleHandleW
GetEnvironmentStringsW
GetUserDefaultLCID
GetCommandLineW
TlsSetValue
CompareStringA
RaiseException
GetConsoleOutputCP
InterlockedDecrement
MultiByteToWideChar
QueryPerformanceCounter
GetStdHandle
GetOEMCP
PulseEvent
LoadLibraryA
GlobalFindAtomA
IsBadReadPtr
GetDriveTypeW
EnumSystemLocalesA
VirtualQuery
IsValidLocale
HeapCreate
OpenSemaphoreA
LCMapStringW
GetACP
HeapReAlloc
ExitProcess
EnterCriticalSection
GetTickCount
HeapValidate
LeaveCriticalSection
FreeLibrary
GetCurrentThread
GetCurrentDirectoryA
GetLastError
GetTimeZoneInformation
GetStartupInfoW
WideCharToMultiByte
IsDebuggerPresent
GetProcAddress
ReadFile
GetTimeFormatA
GetFileType
OutputDebugStringA
InterlockedExchange
TlsAlloc
GetCommandLineA
FindNextFileA
SetConsoleCtrlHandler
GetModuleFileNameW
GetProfileIntW
GetProcessHeap
SetLastError
GetStringTypeW
WriteFile
GetLocaleInfoA
WriteConsoleW
ReleaseMutex
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
CompareStringW
GetModuleFileNameA
EnumDateFormatsW
FindResourceW
RtlUnwind
SetHandleCount
IsValidCodePage
SetUnhandledExceptionFilter
Sleep
TlsFree
GetDateFormatA
HeapAlloc
VirtualAlloc
GetCurrentProcess
HeapSize
CreateFileA
HeapDestroy
WriteConsoleA
WriteConsoleInputA
DebugBreak
SetFilePointer
FileTimeToDosDateTime
FreeEnvironmentStringsW
TerminateProcess
CreateMutexA
CloseHandle
DeleteCriticalSection
GetLocaleInfoW
GlobalCompact
GetModuleHandleA
GetConsoleMode
OpenMutexA
GetStringTypeA
GetFullPathNameW
lstrlenA
SetEnvironmentVariableA
LCMapStringA
TlsGetValue

comctl32

ImageList_DrawIndirect
ImageList_Draw
InitCommonControlsEx
ImageList_AddIcon
CreateUpDownControl

user32

DefWindowProcW
ShowWindow
MessageBoxW
AnimateWindow
DestroyWindow
RegisterClassA
CreateWindowExA
OpenWindowStationA
RegisterClassExA

comdlg32

ChooseColorW
GetFileTitleW
FindTextA

Sections

.text
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4386996716875201077de0663811ea6

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

comdlg32

Sections

.text Size: 311KB - Virtual size: 311KB

.rdata Size: 155KB - Virtual size: 181KB

.data Size: 95KB - Virtual size: 94KB

.rsrc Size: 38KB - Virtual size: 38KB

.text
Size: 311KB - Virtual size: 311KB

.rdata
Size: 155KB - Virtual size: 181KB

.data
Size: 95KB - Virtual size: 94KB

.rsrc
Size: 38KB - Virtual size: 38KB