a8f5ef47015e128d54ec632193a66efb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a8f5ef47015e128d54ec632193a66efb_JaffaCakes118
Size

340KB
MD5

a8f5ef47015e128d54ec632193a66efb
SHA1

9a03b30ce13ab1e7a1ff01764ba8a9fc133d91e4
SHA256

2eaa9b245c926b07694342c2cf365d59a6c83b7d23cebd2a6aac60561e270dd9
SHA512

8dd43b210c691afce79853bf4590d0f1f470fcb67d4c178e4bda43d9b2a50399e13575a291beb414cb81d628e1c1a966ba6eb341c42096972c9812df025e145e
SSDEEP

6144:USREFWwZk3Wdp3lUeRxevFxU2aE+7soJU/sBXQ4q06pbQU3pz+:UYkWBGvlU8SeBKEBXQ4q06pbTZz+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8f5ef47015e128d54ec632193a66efb_JaffaCakes118

Files

a8f5ef47015e128d54ec632193a66efb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8f772fa2944d166cf87828785d20a20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\veskeju\zxuok\sxh.pdb

Imports

wininet

InternetReadFileExA
InternetLockRequestFile

user32

DdeAccessData
ShowCursor
LoadCursorFromFileA
RegisterClassExA
BlockInput
RegisterClassA

comdlg32

FindTextW

comctl32

ImageList_DragMove
ImageList_AddIcon
ImageList_GetFlags
ImageList_GetImageRect
ImageList_GetDragImage
ImageList_Destroy
ImageList_SetOverlayImage
DestroyPropertySheetPage
ImageList_BeginDrag
ImageList_DrawIndirect
ImageList_SetBkColor
ImageList_Read
ImageList_GetImageInfo
ImageList_AddMasked
CreateToolbarEx
ImageList_DragEnter
DrawStatusTextA
ImageList_Add
CreateToolbar
InitCommonControlsEx

kernel32

GetSystemTimeAsFileTime
TlsAlloc
LCMapStringA
GetUserDefaultLCID
InterlockedExchange
HeapCreate
GetACP
GetCurrentProcessId
InterlockedIncrement
FreeEnvironmentStringsW
CompareStringW
GetDateFormatA
GetModuleHandleA
GetCurrentProcess
WriteConsoleA
GetStdHandle
IsDebuggerPresent
OpenMutexA
GetCPInfo
FillConsoleOutputCharacterA
HeapDestroy
GetEnvironmentStringsW
GetTickCount
GetModuleFileNameW
GetProcessHeap
CreateFileA
GetTimeFormatA
TlsGetValue
GetConsoleCP
SetFilePointer
OpenMutexW
HeapReAlloc
GetOEMCP
GetStringTypeA
CloseHandle
GetLocaleInfoW
InterlockedDecrement
GetStartupInfoA
EnumTimeFormatsW
SetStdHandle
LeaveCriticalSection
RtlUnwind
WideCharToMultiByte
HeapSize
VirtualAlloc
GetFileAttributesW
HeapAlloc
ReadFile
GetStringTypeW
GetFileType
LCMapStringW
InitializeCriticalSection
CreateMutexA
GetModuleFileNameA
MultiByteToWideChar
ReadFileEx
GetLocaleInfoA
GetNamedPipeHandleStateW
FreeEnvironmentStringsA
EnterCriticalSection
GetVersionExA
FlushFileBuffers
SetEnvironmentVariableA
IsValidCodePage
CompareStringA
GetCurrentThreadId
TlsSetValue
GlobalLock
FreeLibrary
IsValidLocale
DeleteCriticalSection
WriteFile
EnumSystemLocalesA
VirtualFree
VirtualQuery
GetLastError
GetConsoleMode
GetSystemInfo
WaitNamedPipeA
GetCurrentThread
Sleep
LoadLibraryA
TlsFree
SetHandleCount
TerminateProcess
WriteConsoleW
WriteConsoleInputA
SetUnhandledExceptionFilter
GetCommandLineA
GetEnvironmentStrings
GetProcAddress
UnhandledExceptionFilter
HeapFree
GetTimeZoneInformation
SetLastError
GlobalUnfix
GetDriveTypeW
GetConsoleOutputCP
QueryPerformanceCounter
ExitProcess
SetConsoleCtrlHandler
ReadConsoleOutputA
CreateProcessA

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f772fa2944d166cf87828785d20a20

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

comdlg32

comctl32

kernel32

Sections

.text Size: 217KB - Virtual size: 216KB

.rdata Size: 14KB - Virtual size: 39KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 217KB - Virtual size: 216KB

.rdata
Size: 14KB - Virtual size: 39KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 16KB - Virtual size: 16KB