b509895ad49c7545d1afea62364fd0b7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b509895ad49c7545d1afea62364fd0b7_JaffaCakes118
Size

470KB
MD5

b509895ad49c7545d1afea62364fd0b7
SHA1

47a299f95cc2b9366f13047ed485076ef2fd50c7
SHA256

0efeafbc9ef31bc0b8cf7c88a0bd04343466ee0ea8f8ccc030bc4017a786486e
SHA512

24bf2845d311bc7580ef6a06b3e15074cbd54c73a6708e99ea697799228d7bb9b85c7b446bcd94fa1867830d2250c73cd832d22476b5a6ca0a0520d1570f096c
SSDEEP

12288:lP6VKQF4cqGzKlptJEOfkj+BcD5rIkD+s:Z6VbAlpbEVSs5rys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b509895ad49c7545d1afea62364fd0b7_JaffaCakes118

Files

b509895ad49c7545d1afea62364fd0b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4e867addb1e2366599416bb93ac84cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\ishgbe\eoztz.pdb

Imports

kernel32

TlsFree
EnterCriticalSection
GetVersionExA
QueryPerformanceCounter
ReadConsoleOutputA
GetCPInfo
CompareStringW
GetCurrentThread
GetSystemInfo
GetCurrentThreadId
MultiByteToWideChar
GetTempPathA
SetConsoleWindowInfo
RtlUnwind
GetModuleHandleA
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTimeZoneInformation
FlushFileBuffers
LCMapStringA
GetACP
VirtualAlloc
TlsGetValue
SetStdHandle
LoadLibraryA
CompareStringA
GetEnvironmentStringsW
VirtualProtect
GetDateFormatA
GetStartupInfoA
GetModuleFileNameA
SetEnvironmentVariableA
GetCurrentProcessId
SetHandleCount
GlobalGetAtomNameW
IsValidCodePage
HeapSize
InitializeCriticalSection
GetStdHandle
FreeEnvironmentStringsA
GetLastError
DeleteFileW
HeapReAlloc
IsBadWritePtr
CreateMutexA
SetConsoleCursorInfo
ExitProcess
FreeEnvironmentStringsW
GetProcAddress
MapViewOfFile
GetCommandLineA
GetLocaleInfoW
OpenMutexA
GetStringTypeW
VirtualQuery
HeapFree
GetEnvironmentStrings
TlsAlloc
TerminateProcess
LeaveCriticalSection
GetUserDefaultLCID
SetFilePointer
WriteFile
DeleteCriticalSection
HeapAlloc
HeapCreate
EnumSystemLocalesA
CloseHandle
TlsSetValue
InterlockedExchange
GetOEMCP
GetCurrentProcess
GetTimeFormatA
SetLastError
IsValidLocale
GetStringTypeA
ReadFile
HeapDestroy
GetTickCount
GlobalReAlloc
EnumDateFormatsW
VirtualFree
GetLocaleInfoA
OpenFileMappingW
GetFileType
LCMapStringW
CreateDirectoryExA
WideCharToMultiByte
UnlockFileEx

user32

CopyAcceleratorTableW
RegisterClassExA
UnloadKeyboardLayout
CascadeChildWindows
EnumDisplaySettingsA
PostMessageA
LoadStringA
UnpackDDElParam
UnhookWinEvent
EditWndProc
FindWindowW
MessageBoxA
WaitMessage
CreateWindowExA
SendMessageTimeoutW
GetKeyState
GetMenuDefaultItem
EqualRect
CallWindowProcA
GetClassInfoExW
GetDCEx
WINNLSGetEnableStatus
CreateMDIWindowW
MsgWaitForMultipleObjects
RegisterClassA
ShowWindow
IsMenu
RegisterWindowMessageA

comctl32

InitCommonControlsEx

advapi32

CryptGetHashParam
CryptImportKey
LookupPrivilegeValueW
AbortSystemShutdownW
RegQueryMultipleValuesA
LookupSecurityDescriptorPartsW
RegSaveKeyA
RegOpenKeyW
RegEnumValueA
CryptGenRandom
LookupPrivilegeDisplayNameW
RegEnumKeyExW
ReportEventW
GetUserNameW
LookupAccountSidA
CryptVerifySignatureA
RegConnectRegistryW
RegQueryValueExW
CryptSignHashA

shell32

SHLoadInProc

Sections

.text
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4e867addb1e2366599416bb93ac84cf

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

advapi32

shell32

Sections

.text Size: 325KB - Virtual size: 325KB

.rdata Size: 26KB - Virtual size: 33KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 325KB - Virtual size: 325KB

.rdata
Size: 26KB - Virtual size: 33KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 14KB - Virtual size: 14KB