9fea20d57dd1f1d7eaa76ff650f597ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9fea20d57dd1f1d7eaa76ff650f597ce_JaffaCakes118
Size

62KB
MD5

9fea20d57dd1f1d7eaa76ff650f597ce
SHA1

0fe087aec0745f1fec2ee91441b979323b295d3f
SHA256

e02f98b91ff24bff887d736b4792cb2faef51eca00753a8c212c5f49aae8a12f
SHA512

ac9b398f8f93dca2ffaf3ffc6ebc80dfb6301535546bbb261acb672dd4093e5676e0ff59645c2b8808b5cd2de3558c5bbdec224c46a054151968745fd6973ec2
SSDEEP

768:sYxKDLiRwerjv7zC+Og8mqMOtnqf4UB/EhJ4/b3PBMoYtED7jCnRPnAm1KVHrH/j:VKviRweH7W+Og8mqMOtnqwde8Gw9OHr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fea20d57dd1f1d7eaa76ff650f597ce_JaffaCakes118

Files

9fea20d57dd1f1d7eaa76ff650f597ce_JaffaCakes118
.exe windows:5 windows x86 arch:x86

20a5f893ad248abf73d3c7753a208e19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\project\poco\td-new\TDHOSTER.pdb

Imports

shlwapi

PathFindSuffixArrayW
SHSetValueW
SHGetValueW
StrDupW
PathRemoveArgsW
PathMakePrettyW
PathRenameExtensionA
wvnsprintfA
PathParseIconLocationA
SHRegSetPathA
wnsprintfW
ord16
SHRegCreateUSKeyW
StrToIntExW
StrCpyW
StrRStrIA
PathGetDriveNumberA
SHSkipJunction
StrToIntA
PathAddBackslashA
StrStrA
StrChrA
wvnsprintfW
SHRegWriteUSValueA

kernel32

IsProcessorFeaturePresent
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetCurrentThread
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
lstrcatA
lstrcpyA
lstrcpynA
lstrcmpiW
GetSystemDirectoryW
Process32NextW
GetProcessHeaps
FindNextFileA
GlobalSize
GetExitCodeThread
HeapValidate
ClearCommError
CopyFileA
SwitchToFiber
GlobalUnfix
MapViewOfFileEx
Process32FirstW
SetThreadPriority
FileTimeToLocalFileTime
EnumResourceTypesW
GetModuleHandleA
UnhandledExceptionFilter
VirtualAlloc
GetVolumeInformationA
WideCharToMultiByte
Sleep
HeapReAlloc
HeapAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapSize
HeapFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
FreeLibrary
SetConsoleCtrlHandler
EnterCriticalSection
WriteFile
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
FatalAppExitA

user32

PostMessageW
WaitForInputIdle
DeleteMenu
PostQuitMessage
SetKeyboardState
AppendMenuA
GetDC
ModifyMenuA
ShowWindow
VkKeyScanW
GetUpdateRgn
IsMenu
SetWindowTextA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoSetProxyBlanket

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20a5f893ad248abf73d3c7753a208e19

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

shell32

ole32

oleaut32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB