ae80d1ae4d099c836e6323d655fa0ed0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae80d1ae4d099c836e6323d655fa0ed0_JaffaCakes118
Size

352KB
MD5

ae80d1ae4d099c836e6323d655fa0ed0
SHA1

0c12ffbe05c9be2233d17b8936195d7e4db70d46
SHA256

38cccd23d7d3a0c60f8da2654cb7bae8567e18a8da347902a81f455f48e77bbd
SHA512

e14797814484167de0735d253c7dd07fe01c6d1975725c5953293792273f025464edf26ba320a51e820693b5cb912a7a052dbdac8d47b4f6b7a3c1bb0b1b24a9
SSDEEP

6144:+uNv6zZwVfVKjERHItMVhGsSJ1ake5LgRKbILd4:+g1VsPZsSSke5gRkI+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae80d1ae4d099c836e6323d655fa0ed0_JaffaCakes118

Files

ae80d1ae4d099c836e6323d655fa0ed0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2a31a8c06940a894f4bb2a9304d2571

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\uliiereye\nai\tlwh\edome

Imports

user32

ChangeDisplaySettingsExW
DefDlgProcA
CloseClipboard
GetClipboardFormatNameW
DdeClientTransaction
RegisterClassExA
CreateDialogParamW
LoadImageA
RegisterClassA
SubtractRect
DrawEdge
EnumDesktopWindows
EnumPropsExA
EndPaint
EnumClipboardFormats

kernel32

GetVersionExA
InterlockedExchange
HeapDestroy
EnterCriticalSection
SetLastError
CreateMutexA
EnumResourceTypesW
LCMapStringW
LeaveCriticalSection
LCMapStringA
HeapReAlloc
WriteFile
GetLogicalDriveStringsW
HeapFree
GetThreadContext
HeapCreate
GetCurrentProcess
GetEnvironmentStrings
SetEnvironmentVariableA
CreateFileW
GetSystemTimeAsFileTime
LoadLibraryA
HeapSize
GetSystemInfo
ExitProcess
ReadFile
GetCommandLineA
FillConsoleOutputCharacterW
VirtualFree
TlsAlloc
GetSystemDirectoryA
OpenMutexA
FlushFileBuffers
TlsGetValue
GetStringTypeW
GetTickCount
GetCPInfo
SetHandleCount
CompareStringA
EnumSystemLocalesA
GetTimeZoneInformation
CompareStringW
GetLocaleInfoA
CreateMailslotA
GetModuleHandleA
CloseHandle
OpenProcess
DeleteCriticalSection
GetFileType
GetModuleFileNameA
TerminateProcess
GetTimeFormatA
GetStdHandle
GetFileAttributesA
WideCharToMultiByte
IsBadWritePtr
GetProcAddress
GetOEMCP
SetStdHandle
GetStringTypeA
GetLocaleInfoW
QueryPerformanceCounter
TlsSetValue
CreateProcessW
MultiByteToWideChar
FreeEnvironmentStringsW
GetDateFormatA
GetEnvironmentStringsW
GetCurrentProcessId
GetLastError
SetEvent
FreeResource
GetStartupInfoW
GetUserDefaultLCID
GetProcessAffinityMask
InitializeCriticalSection
TlsFree
VirtualProtect
FreeEnvironmentStringsA
GetCurrentThreadId
EnumResourceLanguagesW
GetCurrentThread
UnhandledExceptionFilter
GetStartupInfoA
VirtualQuery
HeapAlloc
SetFilePointer
VirtualAlloc
GetACP
GetSystemDefaultLCID
IsValidLocale
GetModuleFileNameW
IsValidCodePage
GetCommandLineW
RtlUnwind
FindAtomA

comctl32

DrawStatusTextA
ImageList_GetDragImage
ImageList_BeginDrag
InitCommonControlsEx
CreateStatusWindow
CreatePropertySheetPage
ImageList_EndDrag
CreateToolbarEx
CreateToolbar
ImageList_DragMove
ImageList_GetIconSize
DrawInsert
ImageList_GetImageCount
ImageList_Create

gdi32

CopyEnhMetaFileW
GetSystemPaletteEntries

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2a31a8c06940a894f4bb2a9304d2571

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

gdi32

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 55KB - Virtual size: 80KB

.data Size: 94KB - Virtual size: 94KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 55KB - Virtual size: 80KB

.data
Size: 94KB - Virtual size: 94KB

.rsrc
Size: 51KB - Virtual size: 51KB