a5f5e75ff1c9d8fe798b522821a8e327_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5f5e75ff1c9d8fe798b522821a8e327_JaffaCakes118
Size

344KB
MD5

a5f5e75ff1c9d8fe798b522821a8e327
SHA1

af4782bb0d439cfd42b179ae14aa7fce879c1490
SHA256

c9b7a4947d6732a20cef0517824632046a4321d4ed4649bc5da00c8852bc8d70
SHA512

d6cd50180190f703a0739796f78ada161e96d41c30213f52d0f21031e89573cb9f0db630622ef1d49ce5fd78e73ec1ea8cef34184b5722947930f0ae6525aa08
SSDEEP

6144:bb3dkcyhVUYrfuBBH/jzjyBW7hKAiPYNdeobEaWW9ndxXlo3oftV4jnZWxE2ciLD:bb3dkZUYjcFnjsChK7PYlbEaW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5f5e75ff1c9d8fe798b522821a8e327_JaffaCakes118

Files

a5f5e75ff1c9d8fe798b522821a8e327_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ef75b9432d1ef2aa37e142ca0434a71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\vsw\shbnabelmy\eexqxgbbl\paojmen.pdb

Imports

kernel32

CreateFileA
TlsGetValue
OpenEventW
InterlockedExchange
GetModuleHandleA
CreateMutexA
Sleep
WideCharToMultiByte
GlobalHandle
GetModuleFileNameW
GetLogicalDriveStringsW
TlsAlloc
VirtualAlloc
HeapFree
SetStdHandle
MultiByteToWideChar
RtlUnwind
TlsSetValue
ReleaseMutex
GetStartupInfoA
GetUserDefaultLCID
InterlockedIncrement
GetTimeFormatA
InitializeCriticalSection
HeapCreate
GetNamedPipeHandleStateW
TlsFree
HeapReAlloc
VirtualProtect
CloseHandle
GetCurrentThreadId
GetEnvironmentStringsW
LocalFlags
HeapDestroy
IsBadWritePtr
GetOEMCP
FreeEnvironmentStringsA
GetSystemDefaultLangID
GetTimeZoneInformation
CreateToolhelp32Snapshot
EnumCalendarInfoW
GetProfileStringA
TerminateProcess
GetCompressedFileSizeA
GetSystemTimeAsFileTime
GlobalUnfix
GetSystemInfo
CompareStringA
DeleteCriticalSection
VirtualFree
LoadLibraryA
GetCurrentProcess
GetVersionExA
SleepEx
GetFileType
GetModuleFileNameA
LCMapStringA
ReadFile
SetFilePointer
GetLocaleInfoW
HeapSize
HeapAlloc
DosDateTimeToFileTime
CompareFileTime
SetHandleCount
OpenMutexA
GetACP
QueryPerformanceCounter
GetCurrencyFormatW
GetCommandLineA
GetLocaleInfoA
IsValidLocale
HeapValidate
LocalReAlloc
GetTickCount
SetFileAttributesA
GetCommandLineW
GetCPInfo
GetLastError
IsValidCodePage
WriteFile
ExitProcess
GetStringTypeW
EnumDateFormatsA
LCMapStringW
GetPrivateProfileStructW
LeaveCriticalSection
VirtualQuery
GetProcAddress
CompareStringW
AllocConsole
GetStdHandle
GetStringTypeA
EnterCriticalSection
GetDateFormatA
lstrcmpiA
FindResourceExA
SetEnvironmentVariableA
GetCurrentProcessId
SetLastError
UnhandledExceptionFilter
GetEnvironmentStrings
EnumSystemLocalesA
GetCurrentThread
FlushFileBuffers
GetStartupInfoW
FreeEnvironmentStringsW

user32

DlgDirSelectExA
GetDC
CreateDesktopA
RegisterClassExA
FillRect
ShowWindow
SetDoubleClickTime
DdeQueryStringW
GetScrollRange
EnumDisplaySettingsExW
GetKeyboardType
GetTopWindow
SetWindowWord
GetWindowTextW
DefWindowProcW
IsZoomed
DefWindowProcA
GetWindowLongA
CharToOemBuffW
GetGUIThreadInfo
CopyAcceleratorTableW
TrackMouseEvent
GetNextDlgGroupItem
DeferWindowPos
GetClassNameW
TranslateAcceleratorW
SetPropW
SetKeyboardState
IsCharAlphaNumericW
MessageBoxA
CreateWindowExA
AnyPopup
GetKeyboardLayout
GetWindowInfo
EnumDisplaySettingsA
GetInputState
CreateDialogParamA
DlgDirListW
IsCharAlphaNumericA
CreateDialogParamW
SetPropA
EnableScrollBar
SystemParametersInfoW
GetScrollInfo
GetWindowTextLengthA
RealChildWindowFromPoint
CharLowerW
FlashWindowEx
TileChildWindows
DispatchMessageW
CharUpperW
NotifyWinEvent
DestroyWindow
IsChild
SetMenuContextHelpId
DdeUninitialize
GetWindowTextA
EnumPropsExA
GetCaretPos
GetMenuItemID
GetMessageTime
SetLastErrorEx
LoadImageA
GetUserObjectInformationW
WINNLSGetEnableStatus
RegisterHotKey
LoadIconA
RegisterClassA
CharNextA
DdeDisconnectList
SetCursorPos

comctl32

ImageList_SetOverlayImage
CreateUpDownControl
ImageList_GetFlags
ImageList_EndDrag
ImageList_ReplaceIcon
InitCommonControlsEx

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ef75b9432d1ef2aa37e142ca0434a71

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 92KB - Virtual size: 96KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 92KB - Virtual size: 96KB

.rsrc
Size: 36KB - Virtual size: 32KB