970fbb63cd10a6f7a1cef5e1dd2daef3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

970fbb63cd10a6f7a1cef5e1dd2daef3_JaffaCakes118
Size

408KB
MD5

970fbb63cd10a6f7a1cef5e1dd2daef3
SHA1

2c06ced683cb325c27d9a6625d3b319f797a65e5
SHA256

fc60c3137985dcc21e6e3ca01c4467738a12be69dc0f22444304647f4fd6acee
SHA512

b19bcdcb48e8ecdfd9a2dfbc4dabdeeedf3078f5f788c03993710bc3dfe20a65b640daa02a7263bb17cbd017643feea6e011232f7a6d26901c763241aabab1e4
SSDEEP

12288:4n3D7m951Jg+qsMptj/1d8rGTW58rdyXWHt2E5JwNSZ9upnuBul7kcaz1UL3P5fS:4n3D7K5AXsMp11dCoW58rg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
970fbb63cd10a6f7a1cef5e1dd2daef3_JaffaCakes118

Files

970fbb63cd10a6f7a1cef5e1dd2daef3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eefa1c504d080d90351af59d25a3b91b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\xtxgog.PDB

Imports

kernel32

ExitProcess
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcess
GetLocalTime
GetProcAddress
VirtualFree
UnhandledExceptionFilter
SetEvent
GetPrivateProfileStringW
HeapFree
OpenMutexA
HeapAlloc
GetCPInfo
GetTickCount
InterlockedDecrement
GetModuleHandleA
LocalSize
GetModuleFileNameA
VirtualAlloc
GetStringTypeW
SetFilePointer
InitializeCriticalSection
SetEnvironmentVariableA
GetSystemTime
GetCurrentThread
GetCurrentThreadId
ReleaseMutex
WideCharToMultiByte
GetVersion
GetStringTypeA
GetShortPathNameA
CloseHandle
GetDriveTypeW
LCMapStringW
HeapCreate
MultiByteToWideChar
CompareStringA
GetStartupInfoW
HeapReAlloc
TlsSetValue
RtlUnwind
LCMapStringA
FindFirstFileExA
GetThreadTimes
IsBadWritePtr
SetStdHandle
HeapDestroy
InterlockedExchange
TlsAlloc
SetLastError
DeleteCriticalSection
LeaveCriticalSection
FreeEnvironmentStringsA
VirtualQuery
CreateMutexA
GetModuleFileNameW
TerminateProcess
GetFileType
CreateFileMappingA
SetHandleCount
CompareStringW
InterlockedIncrement
GetTimeZoneInformation
CreateDirectoryExA
EnterCriticalSection
GetCalendarInfoW
LoadLibraryA
GetEnvironmentStrings
GetStartupInfoA
TlsFree
FreeEnvironmentStringsW
GetLastError
GetCommandLineW
GetCurrentProcessId
WriteFile
FlushFileBuffers
TlsGetValue
GetSystemTimeAsFileTime
ReadConsoleOutputAttribute
GetStdHandle
EnumDateFormatsExA
GetEnvironmentStringsW
ReadFile
lstrcpynA

comctl32

CreateStatusWindowA
InitCommonControlsEx
ImageList_Add
ImageList_GetDragImage
DrawInsert
ImageList_Remove
DrawStatusTextW
ImageList_SetFlags
ImageList_SetImageCount
ImageList_SetDragCursorImage
ImageList_LoadImageA
ImageList_DrawEx
InitMUILanguage
ImageList_AddIcon
CreatePropertySheetPage
ImageList_GetImageInfo
ImageList_DragLeave
CreateStatusWindowW
ImageList_EndDrag
ImageList_Create

user32

DragObject
CharToOemW
GetClipboardOwner
DefWindowProcA
TranslateMDISysAccel
FillRect
InvalidateRect
DestroyWindow
DragDetect
InsertMenuItemW
RegisterClassA
FrameRect
EmptyClipboard
CheckMenuRadioItem
PeekMessageA
EnumPropsW
MessageBoxA
RegisterClassExA
CreateMDIWindowW
ShowWindow
CallMsgFilterA
CreateWindowExA
MessageBoxExA
TrackPopupMenu
DlgDirSelectComboBoxExA
EnumWindowStationsW
GetDC

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eefa1c504d080d90351af59d25a3b91b

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 132KB - Virtual size: 128KB

.data Size: 100KB - Virtual size: 126KB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 132KB - Virtual size: 128KB

.data
Size: 100KB - Virtual size: 126KB

.rsrc
Size: 56KB - Virtual size: 54KB