9fc822da93db0ad6a1b0c203bd74506d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9fc822da93db0ad6a1b0c203bd74506d_JaffaCakes118
Size

588KB
MD5

9fc822da93db0ad6a1b0c203bd74506d
SHA1

9897d337e2a2af24854125087c2d558b2609588b
SHA256

6a20a22f50a6610b197a343a6d36e0c7799a26a8fb7eea7388c7e33d3420bba5
SHA512

3af343bbbc9cb6519e83d1008f93bebf92ab7a5c1d8ed75da59f957a294453c051beda63e0fc7b3485b65676126a515a3a288b1f7385d733d278533d77d24737
SSDEEP

12288:aWZMUZs9++2aX1YM43d/C2ieUtdck6UTJuQ4Omp3v:aOMUZe3ZX1m3d/9odv6Un4X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fc822da93db0ad6a1b0c203bd74506d_JaffaCakes118

Files

9fc822da93db0ad6a1b0c203bd74506d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57e9a41987f21e9f76354460daf136b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\giesxbzr\ngz\atgcvrce\k

Imports

comctl32

CreateStatusWindowA
ImageList_GetBkColor
ImageList_LoadImageA
ImageList_EndDrag
ImageList_GetDragImage
InitCommonControlsEx
ImageList_DrawEx
CreateStatusWindowW
ImageList_SetDragCursorImage
DestroyPropertySheetPage
ImageList_SetIconSize
ImageList_DragShowNolock
ImageList_GetIconSize
MakeDragList
ImageList_GetIcon
CreatePropertySheetPage
ImageList_Read
CreateUpDownControl
ImageList_Remove
GetEffectiveClientRect
DrawStatusTextW
ImageList_AddIcon
CreateToolbarEx

user32

CreateWindowExA
CharNextA
DestroyCursor
CreateMDIWindowW
SetWindowLongA
DestroyAcceleratorTable
DestroyIcon
EnumChildWindows
DialogBoxIndirectParamA
BeginPaint
GetForegroundWindow
InsertMenuW
RegisterClassA
DestroyWindow
DefWindowProcA
RegisterClassExA
AdjustWindowRectEx
EnumPropsExA
ShowWindow
MessageBoxW
DdeDisconnect
UnloadKeyboardLayout
InternalGetWindowText
GrayStringA
MenuItemFromPoint
GetQueueStatus
SetWindowRgn
HideCaret
GetFocus
PaintDesktop
ChangeDisplaySettingsW

kernel32

SetFilePointer
OpenMutexA
TlsFree
LCMapStringA
GetCurrentProcessId
GetCurrentThreadId
SetLastError
GetStdHandle
InitializeCriticalSection
HeapCreate
ExitProcess
GetFileType
GetEnvironmentStrings
GetACP
SetEnvironmentVariableA
IsBadWritePtr
LeaveCriticalSection
GetVersion
ReadFile
GetLastError
EnterCriticalSection
FlushFileBuffers
GetModuleHandleA
TlsGetValue
FreeEnvironmentStringsA
WriteFile
GetProcAddress
TlsSetValue
InterlockedDecrement
GetLocalTime
GetModuleFileNameA
HeapAlloc
HeapFree
CompareStringW
TlsAlloc
GetCurrentThread
SetHandleCount
GetStartupInfoA
VirtualQuery
HeapDestroy
GlobalFix
GetEnvironmentStringsW
GetCommandLineA
SetStdHandle
VirtualUnlock
InterlockedIncrement
GetSystemTime
VirtualAlloc
MultiByteToWideChar
HeapReAlloc
GetTickCount
CloseHandle
CreateMutexA
GetNumberFormatA
GetStringTypeA
CompareStringA
InterlockedExchange
FreeEnvironmentStringsW
WideCharToMultiByte
GetStringTypeW
GetCurrentProcess
ReleaseSemaphore
GetOEMCP
LoadLibraryA
GetConsoleOutputCP
QueryPerformanceCounter
VirtualFree
DeleteCriticalSection
GetProfileStringA
GetTimeZoneInformation
TerminateProcess
GetCPInfo
RtlUnwind
UnhandledExceptionFilter
GetSystemTimeAsFileTime
LCMapStringW
FindAtomW

Sections

.text
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57e9a41987f21e9f76354460daf136b3

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 188KB - Virtual size: 186KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 112KB - Virtual size: 113KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 188KB - Virtual size: 186KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 112KB - Virtual size: 113KB

.rsrc
Size: 32KB - Virtual size: 30KB