c88e0feee24f2fc6a289dcc06c2cd2a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c88e0feee24f2fc6a289dcc06c2cd2a1_JaffaCakes118
Size

751KB
MD5

c88e0feee24f2fc6a289dcc06c2cd2a1
SHA1

f8b02e5c53fd20b890fdbc7b0bda5670d7e1eff6
SHA256

53b555f16424dd2b493cb094e96ece64339fc167a4f221f85bf2111cd6a3d971
SHA512

460afd44ab44c8fef005631056c7e9c335c4837cd985edae8f8eef7695e45fd75ece8697841de0487c0886979d149edd48ca7dec945f268e85d49ca3b4e9d7aa
SSDEEP

12288:lI3xodRjYxB8ruFLQHs4M9+FDhJLesODe8dWylmMRGixS2AAET9uxPo:bjYxB8AQHs4MMRSWynRRxJggZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c88e0feee24f2fc6a289dcc06c2cd2a1_JaffaCakes118

Files

c88e0feee24f2fc6a289dcc06c2cd2a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f458df88d9966e421b37515abe1030a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\smtoyse\mfgag\mvlio

Imports

kernel32

GetACP
GetUserDefaultLCID
HeapDestroy
MultiByteToWideChar
WriteConsoleOutputAttribute
SetFilePointer
GetEnvironmentVariableA
SetLastError
InterlockedDecrement
GetFileType
EnterCriticalSection
TlsSetValue
GetFileAttributesExW
ExitProcess
GetTimeFormatA
GetModuleFileNameW
WriteConsoleA
DeleteCriticalSection
GetLastError
GetCurrencyFormatW
FreeEnvironmentStringsW
InterlockedExchange
HeapAlloc
HeapCreate
RtlUnwind
InitializeCriticalSection
GetStartupInfoA
VirtualFree
CompareStringW
CloseHandle
GetConsoleOutputCP
GetStartupInfoW
FlushFileBuffers
LCMapStringW
GetCurrentThreadId
GetStringTypeA
GetCurrentThread
HeapReAlloc
TerminateProcess
FindResourceA
IsDebuggerPresent
TlsGetValue
EnumSystemLocalesA
GetStringTypeW
TlsAlloc
CreateFileA
CreateMutexA
GetEnvironmentStrings
LoadLibraryA
GetCommandLineA
AddAtomA
GetModuleFileNameA
GetCPInfo
VirtualAlloc
GetConsoleMode
GetProcAddress
GetLocaleInfoA
GetFullPathNameW
EnumDateFormatsW
GetVersionExA
IsBadWritePtr
InterlockedIncrement
GetModuleHandleA
CompareStringA
GetPrivateProfileIntW
CreateNamedPipeW
WriteConsoleW
SetStdHandle
GetOEMCP
HeapFree
GetTimeZoneInformation
FreeLibrary
GetProcessHeap
FreeEnvironmentStringsA
WriteFile
GetLocaleInfoW
SetEnvironmentVariableA
GetCurrentProcess
OpenMutexA
GetConsoleCP
HeapSize
GetPrivateProfileSectionA
SetHandleCount
GetDateFormatA
SetConsoleCtrlHandler
UnhandledExceptionFilter
WideCharToMultiByte
GetEnvironmentStringsW
LeaveCriticalSection
IsValidCodePage
GetStdHandle
Sleep
ReadFile
VirtualQuery
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
IsValidLocale
GetCommandLineW
GetTickCount
TlsFree
GetAtomNameA
QueryPerformanceCounter
LCMapStringA
GetCurrentProcessId

comctl32

ImageList_ReplaceIcon
CreateStatusWindowA
ImageList_Duplicate
ImageList_LoadImageW
_TrackMouseEvent
CreatePropertySheetPageW
ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_Read
ImageList_DragEnter
ImageList_Add
ImageList_Destroy
DrawStatusTextA
InitCommonControlsEx
ImageList_SetFilter
ImageList_DragMove

user32

GetShellWindow
MessageBoxA
DialogBoxParamA
RegisterClassExA
TileWindows
GetThreadDesktop
GetKeyboardType
DrawFrame
ScrollDC
DefWindowProcW
SetProcessDefaultLayout
LoadStringW
SetCaretPos
GetMenuContextHelpId
DrawStateW
DefWindowProcA
SendDlgItemMessageA
GetMenu
RegisterClassA
GetMenuItemID
DestroyWindow
ShowWindow
CreateWindowExW
RegisterHotKey
SetWindowsHookExA

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f458df88d9966e421b37515abe1030a0

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 445KB - Virtual size: 445KB

.data Size: 143KB - Virtual size: 150KB

.rsrc Size: 50KB - Virtual size: 49KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 445KB - Virtual size: 445KB

.data
Size: 143KB - Virtual size: 150KB

.rsrc
Size: 50KB - Virtual size: 49KB