b6c1cade8901504836f95986bbb73ad3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6c1cade8901504836f95986bbb73ad3_JaffaCakes118
Size

584KB
MD5

b6c1cade8901504836f95986bbb73ad3
SHA1

49f96211717d7cfa8dff2bc200bcd5cefc4c9dbc
SHA256

daaa2191b251b36e01431469cc1955b915915cc264e8ce2cd1eaf0b7ed0df9b7
SHA512

802056ed54c684421b8b2aa571e8f0b16b50fa170f64f2753f462cf96a7191eac0c7ed2fa7805b1af80b7f477f4db5a3e1da2914c3bbd73935b5249317177ec4
SSDEEP

12288:bj9JdYmecc2U1C3ThGVtbjPDamBFLOWxgca3+Jfc:FJdPu2U1olGVBaqFZScauJfc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6c1cade8901504836f95986bbb73ad3_JaffaCakes118

Files

b6c1cade8901504836f95986bbb73ad3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf65894c9b8553a6c3678d2d80ba833f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\yezpeo\ohex\xetgst\tdeperf\tgge\secbebqnf

Imports

kernel32

GetDiskFreeSpaceW
GetSystemTimeAsFileTime
HeapAlloc
CompareStringW
TlsGetValue
FreeLibraryAndExitThread
HeapCreate
GetCPInfo
FlushFileBuffers
EnterCriticalSection
TlsAlloc
GlobalLock
MultiByteToWideChar
GetCurrentProcess
GetLocaleInfoW
GetConsoleOutputCP
HeapLock
GetUserDefaultLCID
RtlUnwind
GetModuleFileNameA
CloseHandle
VirtualAlloc
GetModuleHandleA
GetFileType
IsBadWritePtr
GetModuleFileNameW
GetAtomNameW
CompareStringA
EnumResourceNamesW
GetCurrentThread
SetConsoleCP
UnhandledExceptionFilter
GetEnvironmentStringsW
EnumSystemLocalesA
SetStdHandle
GetProcAddress
IsValidLocale
LCMapStringA
LCMapStringW
GetCurrentProcessId
GetPrivateProfileStringA
WriteConsoleInputW
GetDiskFreeSpaceExA
GetCurrentDirectoryW
TerminateProcess
GetOEMCP
HeapReAlloc
ReadFile
VirtualQuery
OpenMutexA
GetCurrentThreadId
GetCommandLineW
WritePrivateProfileSectionW
GetDateFormatA
VirtualProtect
GetCommandLineA
GetACP
VirtualFree
LoadLibraryA
FreeEnvironmentStringsW
GetStringTypeW
InitializeCriticalSection
GetLocaleInfoA
WideCharToMultiByte
SetConsoleScreenBufferSize
IsValidCodePage
GetProcessAffinityMask
QueryPerformanceCounter
GetStringTypeA
SetEnvironmentVariableA
ExitProcess
GetTickCount
SetLastError
WriteFile
GetStdHandle
GetTimeZoneInformation
GetSystemInfo
CreateMutexA
GetStartupInfoA
HeapFree
FreeEnvironmentStringsA
HeapSize
DeleteCriticalSection
LeaveCriticalSection
CreateMailslotW
GetLastError
TlsFree
GetCompressedFileSizeA
SetFilePointer
SleepEx
GetVersionExA
GetStartupInfoW
HeapDestroy
GetEnvironmentStrings
GetTimeFormatA
InterlockedExchange
SetHandleCount
LockResource
TlsSetValue
SetWaitableTimer

wininet

InternetSetDialState
SetUrlCacheGroupAttributeW

comctl32

CreateStatusWindowW
InitCommonControlsEx
ImageList_SetBkColor
ImageList_DrawEx
ImageList_GetIconSize

user32

CreateIcon
GetMenuContextHelpId
CharToOemA
VkKeyScanA
GetFocus
SwitchDesktop
RegisterClassExA
DlgDirSelectExW
TileChildWindows
IsCharAlphaNumericA
EndTask
SetForegroundWindow
DrawTextW
IsMenu
RegisterClassA
ClientToScreen
IsIconic
GetClipCursor
DdeUnaccessData
TrackMouseEvent
SetMessageQueue
DlgDirListW
MapVirtualKeyExA
BlockInput

shell32

ExtractAssociatedIconW
SHBrowseForFolderW

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf65894c9b8553a6c3678d2d80ba833f

Headers

File Characteristics

PDB Paths

Imports

kernel32

wininet

comctl32

user32

shell32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 112KB - Virtual size: 125KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 112KB - Virtual size: 125KB

.rsrc
Size: 20KB - Virtual size: 16KB