a9f3ecb2c31e5dd68c278bcb07fa5b04_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9f3ecb2c31e5dd68c278bcb07fa5b04_JaffaCakes118
Size

740KB
MD5

a9f3ecb2c31e5dd68c278bcb07fa5b04
SHA1

a9cd7e863f664ad4f89aeed031a0beafd2e8952a
SHA256

c7a5f155a74c860928bb1af27390035b13691b95b57fc9287f9e9a7f9b77361d
SHA512

78a186804d5430c3e92fe92b361a55ab1b67b5ce899040e2c900113414d2620bbba93b110de4d500104580267bdad8f01677d046b43a572877c7bd83ee29c15b
SSDEEP

12288:Q6AIMigiN3rawuHvbPiwBQXSMPBkEKhvffdblNqrS0rzSCIU:Q6AIDxF6riwCXdIvffdRIr1/f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9f3ecb2c31e5dd68c278bcb07fa5b04_JaffaCakes118

Files

a9f3ecb2c31e5dd68c278bcb07fa5b04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aceb78f6848f477686025f6a7bf5757e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\fkewuuxuv\re

Imports

kernel32

GetLocaleInfoA
QueryPerformanceCounter
EnumSystemLocalesA
GetConsoleCP
TlsGetValue
TerminateProcess
LeaveCriticalSection
IsDebuggerPresent
GetNamedPipeInfo
GetCPInfo
GetStdHandle
GetStringTypeW
EnumDateFormatsA
LoadLibraryA
LCMapStringA
FreeEnvironmentStringsA
WriteConsoleW
SetFilePointer
FreeEnvironmentStringsW
GetModuleFileNameW
GetDateFormatA
GetEnvironmentStringsW
lstrcpyW
GetLastError
SetLastError
GetCurrentProcess
SetStdHandle
FreeLibrary
GetCommandLineA
ReadFile
SetEnvironmentVariableA
WideCharToMultiByte
GetLocaleInfoW
GetOEMCP
OutputDebugStringA
ExitProcess
FlushFileBuffers
VirtualQuery
GetCurrentThreadId
TlsSetValue
GetStartupInfoA
GetProcAddress
GetStringTypeA
HeapValidate
OpenMutexA
GetACP
DebugBreak
InterlockedDecrement
GetProcessHeap
HeapReAlloc
HeapAlloc
HeapCreate
IsValidCodePage
GetVersionExA
CompareStringA
VirtualAlloc
GetConsoleMode
SetUnhandledExceptionFilter
InterlockedExchange
WriteFile
DeleteCriticalSection
OutputDebugStringW
GetUserDefaultLCID
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedIncrement
IsValidLocale
TlsFree
GetCurrentProcessId
IsBadReadPtr
LoadLibraryW
GetModuleFileNameA
TlsAlloc
GetModuleHandleA
MultiByteToWideChar
GetConsoleOutputCP
LCMapStringW
RtlUnwind
GetTickCount
UnhandledExceptionFilter
GetTimeFormatA
GetTimeZoneInformation
GetEnvironmentStrings
GetFileType
WriteConsoleA
EnumResourceTypesW
HeapFree
VirtualFree
CompareStringW
RaiseException
lstrlenA
CloseHandle
EnterCriticalSection
CreateFileA
HeapDestroy
SetHandleCount
SetConsoleCtrlHandler
GetCurrentThread
CreateMutexA

gdi32

DescribePixelFormat
EqualRgn
SetWinMetaFileBits
CopyEnhMetaFileA
GetKerningPairsA
EndPath

comctl32

ImageList_SetFlags
ImageList_DragEnter
ImageList_SetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_DragLeave
MakeDragList
CreateStatusWindowA
ImageList_LoadImage
DrawStatusText
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_DragShowNolock
ImageList_LoadImageA
GetEffectiveClientRect
DestroyPropertySheetPage

user32

RegisterClassExA
DdeReconnect
TrackPopupMenu
EnumWindowStationsA
GetTabbedTextExtentW
UnionRect
SetProcessWindowStation
CloseWindowStation
MessageBoxW
RegisterClassA
SendMessageA
DestroyWindow
ShowWindow
OpenInputDesktop
GetWindowThreadProcessId
GetClassWord
CreateDialogParamW
ShowCaret
CreateIconFromResourceEx
RealChildWindowFromPoint
WinHelpA
RedrawWindow
DefWindowProcW
CreateWindowExA
ChangeDisplaySettingsExW
DialogBoxIndirectParamA
PaintDesktop
WaitForInputIdle
GetNextDlgGroupItem

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aceb78f6848f477686025f6a7bf5757e

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comctl32

user32

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 288KB - Virtual size: 286KB

.data Size: 116KB - Virtual size: 134KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 288KB - Virtual size: 286KB

.data
Size: 116KB - Virtual size: 134KB

.rsrc
Size: 36KB - Virtual size: 32KB