acdeed41c532a129abdce78df0f22b04_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

acdeed41c532a129abdce78df0f22b04_JaffaCakes118
Size

532KB
MD5

acdeed41c532a129abdce78df0f22b04
SHA1

a352bf7d3b876cecaba1e6130227a14c8bdedd87
SHA256

c86f05cfe082182bddd9793428ae123624304447828632441d1f5c54fc8467e7
SHA512

b58b98368906c973c01a27907729e3d57dd60f05fbccd870e0cd9ad90e63a9d0b0d7a6bcf81ffa0cfdb27d04a7cdd37019ea2742524bae96d61ec7c3c0296d04
SSDEEP

12288:KhAn3UKmEkdIInwEOqNmnjAzxidi9pyjFqzp4u:K6nDEtOq7dVzF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acdeed41c532a129abdce78df0f22b04_JaffaCakes118

Files

acdeed41c532a129abdce78df0f22b04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8aeef82cf1d9785543c45d6460c9fb30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\nsuevkgfkg\xesgjtog\eeyzm.pdb

Imports

comdlg32

PrintDlgW
ChooseFontA
ChooseFontW
GetFileTitleW

comctl32

InitCommonControlsEx

wininet

IsHostInProxyBypassList
InternetSecurityProtocolToStringA
GopherCreateLocatorW
InternetGetCookieW
HttpQueryInfoA
UnlockUrlCacheEntryFile
FtpFindFirstFileA

kernel32

GetLocaleInfoA
CloseHandle
GetConsoleMode
GetTimeZoneInformation
GetStringTypeA
DebugBreak
GetStringTypeW
EnterCriticalSection
GetCPInfo
FreeEnvironmentStringsA
SetFilePointer
LoadLibraryA
DeleteFileW
GetModuleHandleW
CreateMutexA
HeapDestroy
LCMapStringW
WideCharToMultiByte
TlsGetValue
lstrlenA
GetEnvironmentStrings
WriteConsoleW
WriteConsoleA
InterlockedExchange
FreeEnvironmentStringsW
IsValidCodePage
TlsFree
LoadLibraryW
IsValidLocale
HeapSize
GetCalendarInfoA
GetCurrentProcess
IsDebuggerPresent
GetProcAddress
GetTickCount
EnumSystemLocalesW
GetTempPathA
SetStdHandle
HeapAlloc
CompareStringA
UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
HeapFree
VirtualAlloc
FreeLibrary
GetTimeFormatA
GetUserDefaultLCID
GetStartupInfoA
CompareStringW
InitializeCriticalSectionAndSpinCount
TlsSetValue
LeaveCriticalSection
WriteFile
GetProfileSectionA
SetHandleCount
LCMapStringA
IsBadReadPtr
OutputDebugStringA
TlsAlloc
VirtualFree
GetDateFormatA
OutputDebugStringW
MultiByteToWideChar
GetCurrentDirectoryW
VirtualQuery
GetModuleHandleA
GetModuleFileNameW
DebugActiveProcess
ExitProcess
GetProcessHeap
GetConsoleCP
RtlUnwind
SetConsoleMode
RaiseException
GetSystemTimeAsFileTime
GetConsoleOutputCP
GetACP
EnumSystemLocalesA
QueryPerformanceCounter
GetCommandLineA
TerminateProcess
GetFileType
GetCurrentThreadId
OpenMutexA
HeapReAlloc
CreateFileA
FlushFileBuffers
InterlockedDecrement
GetStdHandle
Sleep
GetEnvironmentStringsW
InterlockedIncrement
GetCurrentProcessId
ReadFile
GetOEMCP
GetLocaleInfoW
FindResourceExA
GetModuleFileNameA
SetConsoleCursorInfo
SetEnvironmentVariableA
SetLastError
HeapCreate
FindResourceW
HeapValidate
GetCurrentThread
SetConsoleCtrlHandler
DeleteCriticalSection

advapi32

RegCreateKeyW
LookupPrivilegeValueA
CryptEnumProviderTypesW
AbortSystemShutdownA
RegDeleteValueW
RegSetValueExW
RegDeleteKeyA
RegReplaceKeyA
LogonUserW

shell32

DragQueryFileAorW
SHBrowseForFolderA
RealShellExecuteExW
ExtractAssociatedIconExA

user32

RegisterClassExA
SetClassWord
EndPaint
IsRectEmpty
EndTask
GetClassNameA
RegisterClassA
ShowScrollBar
LoadImageA
GetWindowTextLengthA
UnregisterDeviceNotification
CharToOemW
GetMenu
BroadcastSystemMessageA
EnumDisplayDevicesA
MonitorFromPoint
IsCharLowerA
DlgDirSelectExA

Sections

.text
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8aeef82cf1d9785543c45d6460c9fb30

Headers

File Characteristics

PDB Paths

Imports

comdlg32

comctl32

wininet

kernel32

advapi32

shell32

user32

Sections

.text Size: 348KB - Virtual size: 348KB

.rdata Size: 75KB - Virtual size: 103KB

.data Size: 95KB - Virtual size: 95KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 348KB - Virtual size: 348KB

.rdata
Size: 75KB - Virtual size: 103KB

.data
Size: 95KB - Virtual size: 95KB

.rsrc
Size: 12KB - Virtual size: 12KB