b8b0e459dee5dced3de6c9d4415352d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8b0e459dee5dced3de6c9d4415352d7_JaffaCakes118
Size

350KB
MD5

b8b0e459dee5dced3de6c9d4415352d7
SHA1

b55bfb534ee482d1a24591ff018d528b04601fad
SHA256

9acf1c4ebb82ce42f44f15f22244e4f0321f3b810ce76849f2beb332704cf622
SHA512

7185067d75e67432342c152b9bbaf561d7b98bbdfa8db9cc353be27c062f4e0dc13566cd77280c6e08f1c509544f64a1f60484c12ae8538a9da9d4a4e3f527d1
SSDEEP

6144:C73oFLDwyOmvsK4+jBWW8X0bCZH8Q+dhNfiQRIS0XVWAB1+:M3oFImvs3+jBrA0bomJUFWAB1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8b0e459dee5dced3de6c9d4415352d7_JaffaCakes118

Files

b8b0e459dee5dced3de6c9d4415352d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0234e0a692a600b19995bab436bd040

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\seozylem\eyezcflche.PDB

Imports

comctl32

InitCommonControlsEx
ImageList_SetFilter

user32

DragObject
UnhookWindowsHook
DefWindowProcA
RedrawWindow
DdeSetQualityOfService
RegisterClassExA
CreateWindowExA
GetCursor
DeferWindowPos
RegisterClassA
GetUserObjectInformationW
GetWindowTextLengthW
EnableScrollBar
FindWindowExW
HideCaret
IsCharAlphaW
DestroyWindow
CharPrevExA
CascadeWindows
UnhookWindowsHookEx
GetScrollBarInfo
GetProcessWindowStation
DlgDirListW
UnregisterHotKey
TileWindows
ExitWindowsEx
DrawIcon
DispatchMessageA
MessageBoxA
OemToCharW
DlgDirListA
ShowWindow

kernel32

TlsSetValue
TransactNamedPipe
FreeLibrary
RemoveDirectoryA
GetEnvironmentStringsW
CopyFileExA
MultiByteToWideChar
CompareStringA
IsDebuggerPresent
GetOEMCP
GetTimeFormatA
GetCurrentProcess
GetFileType
GetStartupInfoW
ExitProcess
EnumSystemLocalesA
GetTickCount
GetACP
GetConsoleOutputCP
FlushFileBuffers
SetEnvironmentVariableA
GetStdHandle
TlsAlloc
GetDateFormatA
GetCommandLineA
GetModuleFileNameA
LCMapStringW
LeaveCriticalSection
GetCPInfo
ReadFile
SetFilePointer
GetCommandLineW
GetConsoleCP
FreeEnvironmentStringsW
RtlMoveMemory
UnhandledExceptionFilter
LCMapStringA
HeapCreate
CreateDirectoryExA
CreateFileA
CloseHandle
OpenMutexA
HeapReAlloc
TerminateProcess
GetStringTypeW
VirtualAlloc
VirtualFree
CreateMutexA
GetCurrentThread
GetLocaleInfoA
WriteFile
HeapAlloc
CompareStringW
SetHandleCount
GetSystemTimeAsFileTime
IsValidLocale
GetModuleHandleA
Sleep
TlsGetValue
WriteConsoleA
GetCurrentProcessId
HeapFree
GetEnvironmentStringsA
HeapDestroy
GetFileSize
GetModuleHandleW
GetStartupInfoA
InterlockedDecrement
EnterCriticalSection
GetCurrentThreadId
InterlockedExchange
HeapSize
EnumCalendarInfoA
InterlockedIncrement
DeleteCriticalSection
GetLocaleInfoW
WideCharToMultiByte
LoadLibraryA
SetStdHandle
TlsFree
SetLastError
WriteConsoleW
GetStringTypeA
RtlUnwind
GetProcAddress
GetModuleFileNameW
QueryPerformanceCounter
OpenFileMappingA
GetThreadPriority
VirtualQuery
SetConsoleCtrlHandler
GetConsoleMode
GetLastError
GetUserDefaultLCID
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
IsValidCodePage

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0234e0a692a600b19995bab436bd040

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 56KB - Virtual size: 66KB

.data Size: 93KB - Virtual size: 93KB

.rsrc Size: 59KB - Virtual size: 58KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 56KB - Virtual size: 66KB

.data
Size: 93KB - Virtual size: 93KB

.rsrc
Size: 59KB - Virtual size: 58KB