adecc1b4be11313f0f7500f0017a9646_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

adecc1b4be11313f0f7500f0017a9646_JaffaCakes118
Size

546KB
MD5

adecc1b4be11313f0f7500f0017a9646
SHA1

264dbb4b909bb0cc5b473f8815a93dc22e8db4af
SHA256

71bf1492a9eb5cc25c7c5e61c562d4301ae5f1b43dfd81438447191b42bd4719
SHA512

e8c3b931bbc0aa76db67a5510962b54f3005f7888f9dec3a1af4b0822e8294d271dff320b5a6063df598c53268ccd3854a33294e8ff2169f3852ec24d08d9e89
SSDEEP

12288:5saQ3NuCgGHi6otUuWpTjZzVh+7GhOSJhOr68k:ua8uCpHixKzVh+7RkOG8k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adecc1b4be11313f0f7500f0017a9646_JaffaCakes118

Files

adecc1b4be11313f0f7500f0017a9646_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1bfb99635b87293efa8734d7d1f096d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\avwhxszv\xteehbs\wvxhjhkbe\blojn.pdb

Imports

wininet

HttpSendRequestW
InternetCheckConnectionW
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetCrackUrlA
FtpOpenFileA
InternetReadFileExA

user32

SetCursor
ShowCaret
CharPrevExA
RegisterClassA
LoadCursorA
RegisterClassExA
GetMessagePos
SetShellWindow
DefMDIChildProcA
WaitMessage
IsDialogMessage
PostQuitMessage
EnumWindowStationsW
GetMenuContextHelpId
UnregisterDeviceNotification
EnumThreadWindows

gdi32

ResetDCA
PolyDraw
CreateColorSpaceW
CopyMetaFileA
AnimatePalette
SetColorSpace
GetMetaRgn

kernel32

GetEnvironmentStrings
GetSystemTimeAsFileTime
GetCurrentProcess
WriteConsoleA
LCMapStringW
MultiByteToWideChar
CloseHandle
LoadLibraryA
GetVersionExA
WriteFile
TlsGetValue
MapViewOfFile
OpenMutexA
GetModuleFileNameW
GetConsoleMode
IsDebuggerPresent
ExitProcess
GetProcAddress
GetCurrentThread
QueryPerformanceCounter
SetStdHandle
HeapCreate
TerminateProcess
GetCommandLineA
EnumSystemLocalesA
RtlUnwind
LockFile
GetStringTypeW
LCMapStringA
LeaveCriticalSection
VirtualQuery
GetSystemDefaultLangID
HeapDestroy
DeleteCriticalSection
GetStringTypeA
TlsAlloc
ReleaseMutex
GetFileType
GetTimeZoneInformation
GetDateFormatA
GetLocaleInfoW
ReadFile
SetUnhandledExceptionFilter
GetStartupInfoA
EnterCriticalSection
GetCurrentProcessId
GetEnvironmentStringsW
InterlockedDecrement
SetEnvironmentVariableA
FindResourceW
GetLocaleInfoA
GetStdHandle
HeapFree
GetUserDefaultLCID
FreeLibrary
CompareStringA
HeapAlloc
DeleteFileA
GetCommandLineW
GetTimeFormatA
GetACP
InterlockedIncrement
VirtualAlloc
WriteConsoleW
CreateMutexA
VirtualFree
CompareStringW
DeleteAtom
GetConsoleCP
SetLastError
UnhandledExceptionFilter
FileTimeToLocalFileTime
SetFilePointer
IsValidCodePage
IsValidLocale
HeapSize
GetStartupInfoW
GetModuleFileNameA
GetCurrentThreadId
TlsFree
Sleep
FlushFileBuffers
GetCPInfo
InterlockedExchange
CreateFileA
FreeEnvironmentStringsW
InitializeCriticalSection
TlsSetValue
GetTickCount
FindResourceExA
HeapReAlloc
SetConsoleCtrlHandler
LocalSize
GetModuleHandleA
SetHandleCount
WideCharToMultiByte
FreeEnvironmentStringsA
GetProcessHeap
GetConsoleOutputCP
GetOEMCP
GetLastError
GetConsoleTitleW

comctl32

InitCommonControlsEx

Sections

.text
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1bfb99635b87293efa8734d7d1f096d

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

gdi32

kernel32

comctl32

Sections

.text Size: 359KB - Virtual size: 358KB

.rdata Size: 64KB - Virtual size: 75KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 359KB - Virtual size: 358KB

.rdata
Size: 64KB - Virtual size: 75KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 14KB - Virtual size: 14KB