96a466ee12774ce5ff8749efe6e5f0d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96a466ee12774ce5ff8749efe6e5f0d1_JaffaCakes118
Size

691KB
MD5

96a466ee12774ce5ff8749efe6e5f0d1
SHA1

fed8d66c31bcf14e126d9fa3f8daf5ebaf030aae
SHA256

4432bec49e3e6dc41bb46079fcda8b109218166ed946872e06096ee54ab47b1e
SHA512

f7a3b8471a5bfaccbc6c24cb4dbc7fd52efe301980ee1727416ddd2753e32efb55780992c5fb92f4e80aad36659dddec985adadaf5b7b2d7bac67eb5a0d3526e
SSDEEP

12288:XwHwpAMSZHlMmxmDX/qsKnnAg4qDYCmCyHY1dffyt2CKXPGC70:XAmqZyPqsmnAg4qchCyHGrPGV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96a466ee12774ce5ff8749efe6e5f0d1_JaffaCakes118

Files

96a466ee12774ce5ff8749efe6e5f0d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c7c6b0b429358ab0e8e5d2d79c741bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\istoezxou\ehamctyy\seoeqa\thene\wixzeoo.pdb

Imports

kernel32

IsValidCodePage
SetStdHandle
LCMapStringW
VirtualFree
GetTimeZoneInformation
OutputDebugStringA
GetProcAddress
LoadLibraryW
FreeEnvironmentStringsA
GetStdHandle
GetProcessHeap
CreateMutexA
GetConsoleCP
WaitCommEvent
GetModuleHandleA
GetUserDefaultLCID
UnlockFile
GetLocaleInfoW
LCMapStringA
HeapCreate
GetConsoleMode
FindNextChangeNotification
EnterCriticalSection
SetFilePointer
HeapValidate
FreeLibrary
GetDateFormatA
HeapAlloc
GetTimeFormatA
InterlockedExchange
FlushFileBuffers
EnumSystemLocalesA
GetSystemTimeAsFileTime
HeapFree
WriteFile
TlsSetValue
HeapReAlloc
InterlockedIncrement
VirtualQuery
SetCurrentDirectoryW
MultiByteToWideChar
SetEnvironmentVariableA
CloseHandle
GetCurrentProcess
TlsGetValue
CompareStringA
InitializeCriticalSection
InterlockedDecrement
GetEnvironmentStringsW
RtlUnwind
GetCurrentProcessId
IsDebuggerPresent
GetFileType
WideCharToMultiByte
OutputDebugStringW
SetConsoleCtrlHandler
GetTickCount
TlsFree
GetStringTypeA
TerminateProcess
WriteConsoleW
ReadFile
LoadLibraryA
SetHandleCount
GetCurrentThread
QueryPerformanceCounter
GetEnvironmentStringsA
lstrlenA
OpenMutexA
WriteConsoleA
GetLastError
GetModuleFileNameA
CompareStringW
DeleteCriticalSection
GetLocaleInfoA
UnhandledExceptionFilter
GetCommandLineA
CreateFileA
TlsAlloc
IsBadReadPtr
DebugBreak
GetCPInfo
GetModuleFileNameW
GetStartupInfoA
LeaveCriticalSection
GetCurrentThreadId
GetOEMCP
GetACP
GetConsoleOutputCP
IsValidLocale
GetStringTypeW
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
ExitProcess
GetVersionExA
VirtualAlloc
GetProfileIntA
GetEnvironmentStrings
SetLastError
HeapDestroy
RaiseException

user32

EndDeferWindowPos
EnumDisplayMonitors
DrawTextA
SetCaretPos
ScreenToClient
DialogBoxParamW
DialogBoxIndirectParamW
LoadMenuW
RegisterClassExA
GetMenuContextHelpId
GetClassInfoExW
CharLowerBuffA
SetWinEventHook
GetPropA
MapVirtualKeyExW
BringWindowToTop
CreateDialogIndirectParamA
EndTask
RegisterClassA
MapWindowPoints
CharToOemBuffA
MenuItemFromPoint
GetQueueStatus
wvsprintfA
InsertMenuA
ArrangeIconicWindows

comctl32

InitCommonControlsEx

Sections

.text
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c7c6b0b429358ab0e8e5d2d79c741bd

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 488KB - Virtual size: 487KB

.rdata Size: 87KB - Virtual size: 102KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 488KB - Virtual size: 487KB

.rdata
Size: 87KB - Virtual size: 102KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 8KB - Virtual size: 7KB