b72450d1b15420c542e54d0402fe6118_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b72450d1b15420c542e54d0402fe6118_JaffaCakes118
Size

748KB
MD5

b72450d1b15420c542e54d0402fe6118
SHA1

c25bcb3f69c424cbba11d5b8860377bee225b783
SHA256

374a935b8133084b60f4ffcd8779c7341c61056f58a69a54507368263781b9a0
SHA512

49446a84e5176248982cf5950c4d9d23f6a3e3ecb9a01be462757b22a3951c80a30e73e3b12de06fa8e39a6c0c7c48f179354927715c839eaabbab2fc95ed7d9
SSDEEP

12288:2TomUvhtf0Di+KM+XnO07XLH2FVwwitH4+wWIwXS7vdyq1FjneEGCH038knho9HZ:xhht2rB+XOYWTEUwXSs0jAR8Yo9HKvVe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b72450d1b15420c542e54d0402fe6118_JaffaCakes118

Files

b72450d1b15420c542e54d0402fe6118_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a07f2b6dcfba281984e5e2ee68d342a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\beze.pdb

Imports

comctl32

CreatePropertySheetPageA
CreateStatusWindow
InitCommonControlsEx
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_DragMove
ImageList_LoadImage
GetEffectiveClientRect
ImageList_GetBkColor

kernel32

HeapAlloc
WriteConsoleW
TlsFree
GetConsoleCP
HeapSize
RtlUnwind
SetUnhandledExceptionFilter
GetFileType
GetCurrentProcessId
GetACP
GetCurrentThreadId
GetModuleFileNameA
IsValidLocale
GetOEMCP
GetTimeZoneInformation
SetConsoleCtrlHandler
GetStringTypeA
GetTickCount
WideCharToMultiByte
GetCurrentProcess
IsValidCodePage
GetStartupInfoA
LCMapStringW
FlushFileBuffers
Sleep
GetModuleHandleW
SetHandleCount
SetFilePointer
GetStringTypeW
TlsGetValue
SetStdHandle
UnhandledExceptionFilter
CompareStringA
QueryPerformanceCounter
VirtualQuery
WriteFile
GetModuleHandleA
TlsSetValue
InterlockedIncrement
VirtualFree
GetNumberFormatA
GetSystemTimeAsFileTime
CreateMutexA
GetTimeFormatA
GetCurrentThread
EnterCriticalSection
GetCPInfo
WriteConsoleA
ReadFile
InterlockedExchange
MultiByteToWideChar
TlsAlloc
DeleteCriticalSection
GetStartupInfoW
GetProcAddress
VirtualAlloc
HeapFree
GetCommandLineA
InterlockedDecrement
SetEnvironmentVariableA
TerminateProcess
GetLastError
LoadLibraryA
GetLocaleInfoW
ExitProcess
InitializeCriticalSectionAndSpinCount
GetConsoleOutputCP
HeapCreate
HeapReAlloc
GetCommandLineW
GetModuleFileNameW
FreeEnvironmentStringsW
CloseHandle
GetUserDefaultLCID
OpenMutexA
LCMapStringA
GetStdHandle
EnumSystemLocalesA
GetLocaleInfoA
IsDebuggerPresent
HeapDestroy
GetDateFormatA
GetConsoleMode
OpenWaitableTimerW
LeaveCriticalSection
SetLastError
CompareStringW
GetVersionExA
CreateFileA
FreeLibrary
GetEnvironmentStringsW

user32

DestroyWindow
ShowWindow
GetClientRect
RegisterClassA
RegisterClassExA
CreateWindowExW
DefWindowProcW
MessageBoxW

Sections

.text
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 254KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a07f2b6dcfba281984e5e2ee68d342a0

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 341KB - Virtual size: 341KB

.rdata Size: 254KB - Virtual size: 274KB

.data Size: 129KB - Virtual size: 127KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 341KB - Virtual size: 341KB

.rdata
Size: 254KB - Virtual size: 274KB

.data
Size: 129KB - Virtual size: 127KB

.rsrc
Size: 22KB - Virtual size: 22KB