b92be0c3a81cf00dd0771ad01413f456_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b92be0c3a81cf00dd0771ad01413f456_JaffaCakes118
Size

511KB
MD5

b92be0c3a81cf00dd0771ad01413f456
SHA1

f40e1f55e65ef49008a6594643c816996e47493e
SHA256

a3337edbd94c510c003fb3ad838897910d22a4f22ab0779615a2956e3443113e
SHA512

3b2d484b7b4daf5c2d980dc0341b2ac5d089b6b5f44b8cf09ddd13ce468b697982217861779720d3aa2ee7aa699e6081332b013ec645b36235cf58af3ba691c4
SSDEEP

12288:lODQXyx8SbbeUlal8xY+MiYrbyY5dvMtfLWIHg4eQovmjmw:lODQXy2SbnlE8xUP8CEgjlimw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b92be0c3a81cf00dd0771ad01413f456_JaffaCakes118

Files

b92be0c3a81cf00dd0771ad01413f456_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28865aea915c45a1e9736af0528f945e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\VIOIOOEGAE\XVJYSV\OEY\TYQEEEA\BEL\M

Imports

shell32

ShellExecuteExA
ShellAboutA
ShellAboutW

gdi32

ColorMatchToTarget
ModifyWorldTransform
SetColorAdjustment
GetStretchBltMode
SetTextCharacterExtra
GetEnhMetaFileDescriptionA
EnumEnhMetaFile
PolyPolygon
GetCharABCWidthsA
CreateICW
EnableEUDC
DrawEscape
SetViewportExtEx

kernel32

GetStringTypeW
IsValidCodePage
MultiByteToWideChar
HeapReAlloc
GetProcAddress
SetLastError
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStrings
FreeLibrary
GetCurrentProcessId
MapViewOfFileEx
SetConsoleCtrlHandler
GetFileType
SetEnvironmentVariableA
LCMapStringW
GetStartupInfoA
SetFilePointer
WriteConsoleW
GetStringTypeA
GetModuleFileNameA
GetLocaleInfoA
IsValidLocale
GetConsoleMode
VirtualAlloc
GlobalFix
HeapCreate
GetEnvironmentStringsW
GetConsoleScreenBufferInfo
GetOEMCP
DebugBreak
EnterCriticalSection
TerminateProcess
HeapFree
GetCurrentThread
LoadLibraryW
EnumCalendarInfoW
GetACP
HeapDestroy
GetTimeZoneInformation
ReadFile
GetProcessAffinityMask
WritePrivateProfileSectionW
TlsGetValue
CompareStringA
GetTimeFormatW
GetDateFormatA
FlushFileBuffers
LCMapStringA
EnumSystemLocalesA
FreeEnvironmentStringsA
InitializeCriticalSection
OpenMutexA
GetCurrentThreadId
SetHandleCount
IsDebuggerPresent
SetStdHandle
InterlockedExchange
GetModuleHandleA
VirtualFree
VirtualQueryEx
AllocConsole
GetVersionExA
CloseHandle
ExitProcess
HeapAlloc
CompareStringW
RtlUnwind
QueryPerformanceCounter
GetLocaleInfoW
InterlockedDecrement
LoadLibraryA
CreateFileA
GetConsoleCP
SetCurrentDirectoryA
WritePrivateProfileStringW
CreateSemaphoreW
GetSystemTimeAsFileTime
GetProcessHeap
TlsFree
GetUserDefaultLCID
DeleteCriticalSection
WideCharToMultiByte
GetCPInfo
SetUnhandledExceptionFilter
InterlockedIncrement
lstrcpynW
EnumResourceTypesA
WriteFile
GetCurrentProcess
UnhandledExceptionFilter
CreateMutexA
Sleep
GetTimeFormatA
GetConsoleOutputCP
GetStdHandle
HeapSize
WriteConsoleA
LeaveCriticalSection
GetTickCount
TlsAlloc
VirtualQuery
GetLastError
SetThreadPriority
TlsSetValue

wininet

FindNextUrlCacheEntryA
HttpEndRequestA
FtpOpenFileW
GopherGetLocatorTypeW
RetrieveUrlCacheEntryStreamA
FindFirstUrlCacheContainerA

comctl32

InitCommonControlsEx

advapi32

CryptSetProviderExW

user32

DrawFocusRect
GetMessageA
GetClientRect
IsCharAlphaA
EnumDesktopsA
CharToOemA
CascadeChildWindows
DdeQueryConvInfo
RegisterClassA
DestroyCaret
LoadKeyboardLayoutA
RegisterClassExA
SwitchToThisWindow
DialogBoxParamA
GetMessageW
MapDialogRect
CharPrevA
SetWindowsHookW
WINNLSGetEnableStatus
DefMDIChildProcA
InsertMenuA
EnableMenuItem
OemToCharW
CharToOemW

Sections

.text
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28865aea915c45a1e9736af0528f945e

Headers

File Characteristics

PDB Paths

Imports

shell32

gdi32

kernel32

wininet

comctl32

advapi32

user32

Sections

.text Size: 349KB - Virtual size: 348KB

.rdata Size: 32KB - Virtual size: 57KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 349KB - Virtual size: 348KB

.rdata
Size: 32KB - Virtual size: 57KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 21KB - Virtual size: 20KB