b9755233d4760dddd21856d812a35016_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b9755233d4760dddd21856d812a35016_JaffaCakes118
Size

685KB
MD5

b9755233d4760dddd21856d812a35016
SHA1

9aad2bf62321280b726e7b05d02d5fd3f0e93044
SHA256

ab10006e6a9223bc1a535a1e538db30c12aaa25e3c0c52c3f22c1aeb3a6cd53e
SHA512

471b2d696287804a9a30b7ee5d6982620afff4c2cf4ea83f421848bc5d0d7a44e73e03be1e189c7d4ee71064335a3168a68b20f38d0f231284402585d517e307
SSDEEP

12288:/40lA817qhlDeT3raI3q+RCJ5PengzNqfGBolJ87bui5gBy2c:nlA81MWv3q+RCJNg0cGBolJ8fu2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9755233d4760dddd21856d812a35016_JaffaCakes118

Files

b9755233d4760dddd21856d812a35016_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0eb148c21733f308edcfeb531ecd628

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\uuebw\se

Imports

kernel32

LCMapStringW
SetStdHandle
TlsFree
GetCurrentThread
GetThreadLocale
GetProcAddress
FlushFileBuffers
GetSystemTimeAsFileTime
MultiByteToWideChar
VirtualAlloc
IsValidCodePage
FreeEnvironmentStringsA
VirtualFree
CreateWaitableTimerA
EnterCriticalSection
HeapCreate
HeapLock
lstrcpyn
GetFileType
TlsSetValue
CompareFileTime
GetModuleFileNameW
SetEnvironmentVariableA
SleepEx
LoadLibraryA
InterlockedExchange
HeapDestroy
MapViewOfFileEx
DosDateTimeToFileTime
GetStartupInfoW
GetLastError
GetDateFormatA
DeleteAtom
LockFileEx
GetModuleFileNameA
LocalLock
VirtualProtect
OpenMutexA
GetCompressedFileSizeW
InitializeCriticalSection
GetCPInfo
GetVersionExA
IsBadWritePtr
GetCurrentProcess
GetCurrentProcessId
QueryPerformanceCounter
GetLocaleInfoW
CreateDirectoryA
UnhandledExceptionFilter
HeapSize
SetFilePointer
EnumTimeFormatsW
CompareStringW
GetStringTypeA
SetLastError
GetTimeFormatA
GlobalUnfix
GetExitCodeProcess
IsValidLocale
EnumResourceNamesA
ReadFile
GetCurrentThreadId
ExitProcess
GetStringTypeExA
GetEnvironmentStringsW
GetStartupInfoA
DeleteCriticalSection
GetModuleHandleA
CloseHandle
TerminateProcess
GlobalFree
WideCharToMultiByte
GetLocaleInfoA
EnumSystemLocalesA
GetStdHandle
WriteFile
GetSystemInfo
SetThreadIdealProcessor
SetLocalTime
CompareStringA
HeapFree
SetHandleCount
HeapReAlloc
GetACP
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
GetUserDefaultLCID
GetCommandLineW
CreateMutexW
GetStringTypeW
GetTimeZoneInformation
TlsAlloc
VirtualProtectEx
GetTickCount
RtlUnwind
GetOEMCP
SetSystemTime
HeapAlloc
TlsGetValue
LeaveCriticalSection
CreateMutexA
LCMapStringA
VirtualQuery

user32

CallMsgFilterA
GetDesktopWindow
CreateAcceleratorTableA
SetWindowWord
LoadIconA
InvalidateRect
MessageBoxW
MoveWindow
CallWindowProcW
IsCharAlphaNumericA
GetWindowThreadProcessId
IsWindowEnabled
MsgWaitForMultipleObjectsEx
ReleaseCapture
DdeAccessData
RegisterClassA
InsertMenuW
SetClassLongA
DdeAbandonTransaction
ShowWindow
SetLastErrorEx
RealGetWindowClass
GetScrollInfo
CharNextExA
GetKeyboardLayoutNameA
MapVirtualKeyExA
DestroyMenu
PostThreadMessageA
IsCharUpperA
DdeUninitialize
ChangeDisplaySettingsExW
DdeCreateDataHandle
DlgDirSelectComboBoxExW
DragDetect
CharToOemBuffA
RegisterWindowMessageA
DestroyWindow
DefWindowProcA
GetSystemMetrics
RegisterClassExA
CreateDialogParamW
GetClassLongA
SetForegroundWindow
GetTabbedTextExtentA
VkKeyScanA
GetThreadDesktop
SetWindowsHookW
wsprintfA
CreateWindowExW

comctl32

ImageList_Duplicate
ImageList_GetFlags
ImageList_AddIcon
ImageList_SetFlags
CreatePropertySheetPageA
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_Create
ImageList_GetDragImage
ImageList_DrawEx
InitMUILanguage
CreateStatusWindowA
ImageList_Write
ImageList_Merge
ImageList_LoadImageW
ImageList_Destroy

Sections

.text
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0eb148c21733f308edcfeb531ecd628

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 293KB - Virtual size: 293KB

.rdata Size: 251KB - Virtual size: 250KB

.data Size: 121KB - Virtual size: 151KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 293KB - Virtual size: 293KB

.rdata
Size: 251KB - Virtual size: 250KB

.data
Size: 121KB - Virtual size: 151KB

.rsrc
Size: 18KB - Virtual size: 18KB