bd25af94c411b4a926235e055a28e705_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd25af94c411b4a926235e055a28e705_JaffaCakes118
Size

281KB
MD5

bd25af94c411b4a926235e055a28e705
SHA1

b138bc654714e2eb3aea84ed599b05b4adeef95d
SHA256

eda3879c0cba8a5b8cb849789fb8d713b165867c3f1e224abdc9607638712725
SHA512

abb94113c70c3a25f47182f45defe69317770b1f3f6c54f186d405cd3945c790519668f1b876fea00804fc1def1f6f0e6ddc5c5aeb87d36e2084b6f79731f039
SSDEEP

6144:r05UDvLgNZ7/dzQQz2TG76/2WteyfFnW02r:r05UDvcr1UQCtjfFWh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd25af94c411b4a926235e055a28e705_JaffaCakes118

Files

bd25af94c411b4a926235e055a28e705_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68a618fb4ef9577407ddeb3a41eacfdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\vtgzetebjw.pdb

Imports

comctl32

CreateMappedBitmap
ImageList_DragLeave
ImageList_Destroy
_TrackMouseEvent
InitCommonControlsEx
ImageList_Read
CreateStatusWindow
ImageList_SetDragCursorImage
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_DragShowNolock

user32

GetWindowTextA
GetKeyNameTextW
GetKBCodePage
RegisterClassExA
InsertMenuItemW
SetWindowsHookExW
MessageBoxA
GetKeyboardLayoutNameA
CreateWindowExA
GetLastActivePopup
RegisterClassA
PostThreadMessageA
EnumDesktopsA
DdeInitializeA
ShowWindow
GetMenuCheckMarkDimensions

kernel32

LCMapStringW
LeaveCriticalSection
ExitProcess
SetLastError
CompareStringA
HeapReAlloc
TlsFree
LoadLibraryA
GetStartupInfoW
SetEnvironmentVariableA
HeapDestroy
VirtualQuery
IsValidCodePage
GetEnvironmentStrings
EnterCriticalSection
IsValidLocale
TlsGetValue
TlsSetValue
GetSystemInfo
GetDateFormatA
FlushFileBuffers
GetCurrentThreadId
HeapCreate
GetLocaleInfoA
GetTickCount
SetStdHandle
GetTimeFormatA
FreeEnvironmentStringsA
GetModuleFileNameW
TlsAlloc
VirtualFree
SetFilePointer
GetTimeZoneInformation
WriteFile
HeapAlloc
ReadFile
GetModuleHandleA
GetCPInfo
VirtualProtect
GetSystemTimeAsFileTime
CloseHandle
CreateMutexA
VirtualAlloc
DeleteCriticalSection
GetModuleFileNameA
RtlUnwind
MultiByteToWideChar
GetCommandLineA
GetUserDefaultLCID
GetProcAddress
GetCommandLineW
MoveFileExW
ReadConsoleW
DebugBreak
ReleaseMutex
HeapSize
GetOEMCP
InitializeCriticalSection
GetCurrentThread
HeapFree
GetStringTypeW
InterlockedExchange
GetStartupInfoA
LCMapStringA
EnumSystemCodePagesW
EnumSystemLocalesA
TerminateProcess
IsBadWritePtr
GetACP
OpenMutexA
CompareStringW
GetCurrentProcessId
WideCharToMultiByte
WaitForSingleObjectEx
QueryPerformanceCounter
GetFileType
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
LocalShrink
SetHandleCount
GetStringTypeA
GetStdHandle
GetLocaleInfoW
GetVersionExA
GetCurrentProcess
UnhandledExceptionFilter

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68a618fb4ef9577407ddeb3a41eacfdc

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 170KB - Virtual size: 170KB

.rdata Size: 16KB - Virtual size: 26KB

.data Size: 85KB - Virtual size: 84KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 170KB - Virtual size: 170KB

.rdata
Size: 16KB - Virtual size: 26KB

.data
Size: 85KB - Virtual size: 84KB

.rsrc
Size: 8KB - Virtual size: 7KB