F:\HEI\AWOCESATKW\CSQB\NXEYRBSKZ\UXKOOVWJVW\RWC.PDB
Static task
static1
Behavioral task
behavioral1
Sample
b09c9c116b904c8b22a96a76bc8b1537_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b09c9c116b904c8b22a96a76bc8b1537_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: b09c9c116b904c8b22a96a76bc8b1537_JaffaCakes118
Size: 624KB
MD5: b09c9c116b904c8b22a96a76bc8b1537
SHA1: 8900025a5f2c77b68756dba97e0d8767f2830f2f
SHA256: 3d098c9ec33fde69daac9756a3cd2ab111a745a03e88e917c1dfea68c78f4f1f
SHA512: 95d960ef761948f8215af1d1f811065bbc7f1555b9ccde679e7c40b952f20af983c555951a810874100c8c0ca6aa0d0b84b47e059d90f5e04bd6613df2cbe9da
SSDEEP: 12288:EFDMhNupx/uTe+hFwmV1Sz3x4dOrsfbADi4HXRq+21Ia5J29Xy+TCHBC28lI06:EhD/Gludx40r0Cro1DJ29Xy+Ll
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b09c9c116b904c8b22a96a76bc8b1537_JaffaCakes118
Files
b09c9c116b904c8b22a96a76bc8b1537_JaffaCakes118.exe windows:4 windows x86 arch:x86
715f8759caf918e00d08063297d97325
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comdlg32
PrintDlgA
PageSetupDlgA
LoadAlterBitmap
kernel32
GetUserDefaultLCID
GetStringTypeA
LCMapStringA
CreateMutexA
WritePrivateProfileSectionA
EnumSystemLocalesA
WriteFile
VirtualFree
GetCurrentThreadId
GetConsoleCP
IsBadReadPtr
GetCalendarInfoA
GetTimeZoneInformation
QueryPerformanceCounter
ReadFile
OutputDebugStringW
InterlockedDecrement
VirtualQuery
FlushViewOfFile
OpenMutexA
TerminateProcess
FreeEnvironmentStringsW
LeaveCriticalSection
GetEnvironmentStrings
GetProcessHeap
FindFirstFileExW
GetModuleFileNameW
SetFileAttributesA
GetLastError
GetCPInfo
GetModuleHandleA
GetEnvironmentStringsW
WriteConsoleW
CloseHandle
CreateFileA
VirtualAlloc
GetConsoleOutputCP
HeapReAlloc
DebugBreak
SetUnhandledExceptionFilter
WriteConsoleA
SetEnvironmentVariableA
GetTimeFormatA
HeapSize
GetLocaleInfoA
GetModuleHandleW
RaiseException
OpenMutexW
GetTickCount
SetHandleCount
ExitProcess
GetCommandLineA
GetConsoleMode
SetConsoleCtrlHandler
CompareStringA
GetCurrentThread
GetDateFormatA
MultiByteToWideChar
GetStartupInfoA
InitializeCriticalSectionAndSpinCount
RemoveDirectoryW
CompareStringW
HeapCreate
IsValidCodePage
GetACP
FreeEnvironmentStringsA
LoadLibraryW
FlushFileBuffers
GetProcAddress
GetSystemTimeAsFileTime
InterlockedExchange
TlsGetValue
ReleaseSemaphore
HeapFree
TlsFree
GetStdHandle
SetFilePointer
HeapValidate
GetPrivateProfileSectionNamesW
WritePrivateProfileStringA
TlsAlloc
GetCurrentProcessId
InterlockedIncrement
UnhandledExceptionFilter
EnumResourceTypesW
IsValidLocale
EnterCriticalSection
GetThreadTimes
GetCurrentProcess
GetOEMCP
HeapDestroy
GlobalAddAtomW
TlsSetValue
GetLocaleInfoW
GetModuleFileNameA
FreeLibrary
LoadLibraryA
HeapAlloc
GetStringTypeW
OutputDebugStringA
WideCharToMultiByte
lstrlenA
GetFileType
DeleteCriticalSection
RtlUnwind
SetStdHandle
Sleep
SetLastError
IsDebuggerPresent
LCMapStringW
user32
ShowWindow
RegisterClassExA
CreateWindowExW
RegisterClassA
SwitchToThisWindow
MessageBoxW
comctl32
ImageList_DragEnter
ImageList_LoadImageW
ImageList_GetImageCount
CreatePropertySheetPageW
ImageList_Copy
ImageList_GetBkColor
InitMUILanguage
ImageList_DragMove
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_SetOverlayImage
DrawInsert
CreateStatusWindowA
InitCommonControlsEx
CreateToolbar
advapi32
RegQueryValueExW
RegEnumKeyExW
LookupAccountSidW
RegConnectRegistryA
Sections
.text Size: 432KB - Virtual size: 431KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ