b506baeb677bec2407457c64733302cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b506baeb677bec2407457c64733302cb_JaffaCakes118
Size

475KB
MD5

b506baeb677bec2407457c64733302cb
SHA1

bee9a4c040d3769a36e681eab2c2ede3c298ffa6
SHA256

63f920ce4939a816fde5f1a20de59fee4f39baf8936f98701f0b796acd39964f
SHA512

9cd3d62e859920f73b532f83e4d3b5a1ab6d47d7e6180267e3c05734df527ea08882210a86505636dfef2a12c894480cac1c3c3512d25692782374d3ec04895d
SSDEEP

6144:X1LPCNOdqoB9U8Tzo/2yMj4mMOgzSlcbpTKRB2Q1C/Ji2W6oAX/NdfSzqbC/I9sz:XCOdPY8v/ywDImBVo/Ji2WmXuqCeede

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b506baeb677bec2407457c64733302cb_JaffaCakes118

Files

b506baeb677bec2407457c64733302cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b04fdd75832e019ea17e82f8ac0f12a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dhh\xomwt\ixdozoywa.pdb

Imports

comctl32

InitCommonControlsEx

user32

TabbedTextOutW
DdeCreateStringHandleW
RegisterClassA
GetMenuInfo
DrawFrameControl
SetPropA
MessageBoxIndirectW
SetUserObjectSecurity
MoveWindow
RegisterClassExA
EndDeferWindowPos
EnableMenuItem
DestroyAcceleratorTable
GetClassInfoExW
CreateDialogParamA
IsCharLowerW
SetSystemCursor
SendNotifyMessageA
IsClipboardFormatAvailable
DlgDirListA

kernel32

OpenEventW
GetConsoleScreenBufferInfo
InterlockedExchange
RtlUnwind
GetModuleFileNameA
MultiByteToWideChar
GetFileType
GetTimeZoneInformation
GetACP
VirtualQuery
GetTickCount
WritePrivateProfileStringW
UnhandledExceptionFilter
ReadFile
CompareStringW
QueryPerformanceCounter
TlsGetValue
InitializeCriticalSection
OpenMutexA
GetLastError
GetCurrentThread
GetCompressedFileSizeW
SetEnvironmentVariableA
GetCurrentProcessId
LCMapStringA
HeapAlloc
FlushFileBuffers
HeapSize
GetLocaleInfoA
WriteConsoleOutputCharacterA
GetSystemTimeAsFileTime
GetStartupInfoA
CopyFileA
ReadConsoleOutputW
GlobalGetAtomNameA
HeapReAlloc
GetEnvironmentStringsW
HeapFree
FreeEnvironmentStringsA
LoadLibraryA
IsValidLocale
GetProcAddress
GetCPInfo
GetEnvironmentStrings
LeaveCriticalSection
GetSystemInfo
SetLastError
EnumSystemLocalesA
SetFilePointer
TlsAlloc
GetTimeFormatA
SetHandleCount
GetProcAddress
VirtualFree
WriteFile
GetStdHandle
GetModuleHandleA
FreeEnvironmentStringsW
LCMapStringW
ReadConsoleOutputA
GetOEMCP
GetStringTypeA
CloseHandle
CreateToolhelp32Snapshot
CompareStringA
SetStdHandle
GetDateFormatA
WideCharToMultiByte
HeapDestroy
GlobalAddAtomW
OpenSemaphoreA
GetUserDefaultLCID
VirtualProtect
TlsFree
IsValidCodePage
GetLocaleInfoW
EnterCriticalSection
ExitProcess
VirtualAlloc
GetCommandLineA
WriteConsoleInputA
DeleteCriticalSection
GetCurrentThreadId
GetCurrentProcess
GetTempFileNameW
GlobalCompact
TerminateProcess
IsBadWritePtr
HeapCreate
GetVersionExA
TlsSetValue
CreateMutexA
GetStringTypeW
GetCalendarInfoA

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b04fdd75832e019ea17e82f8ac0f12a

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 316KB - Virtual size: 315KB

.rdata Size: 44KB - Virtual size: 61KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 316KB - Virtual size: 315KB

.rdata
Size: 44KB - Virtual size: 61KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 12KB - Virtual size: 12KB