d3900649fe9c4c0a245038252a0e152c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d3900649fe9c4c0a245038252a0e152c_JaffaCakes118
Size

532KB
MD5

d3900649fe9c4c0a245038252a0e152c
SHA1

84103e2547006043b98776985360329673d29951
SHA256

21dd9c93725d798fe50f7ef9bd775fda074f48749ef9f4f533146035f07b8964
SHA512

a6bc153909f0b95fd8843e8db7c673d5636deefa50066196950ad59ab0d1222eb00b18b62d57456d47970771f745c29103809c071adcd5459254f7fe1f742413
SSDEEP

12288:yeM/CMgIHaoVle6KrMekB3cWC/k2yzWRpzQu2fAbt:yeM/fb64pKoPB3LfC/su2oh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3900649fe9c4c0a245038252a0e152c_JaffaCakes118

Files

d3900649fe9c4c0a245038252a0e152c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a91efc5354978d601011a0155329ffb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\JOETF\FES\SFO\SLOSE.PDB

Imports

kernel32

GetCurrentThread
GetCurrentThreadId
HeapReAlloc
FreeLibrary
PulseEvent
FindFirstFileExW
IsDebuggerPresent
GetCurrentProcess
SetCurrentDirectoryA
CompareStringA
WideCharToMultiByte
LoadLibraryW
GetSystemTimeAsFileTime
GetStartupInfoA
HeapFree
SetThreadAffinityMask
GetLocalTime
SetStdHandle
SetEnvironmentVariableA
ExitProcess
GetSystemTime
GetEnvironmentStringsW
SetFileTime
GetLastError
GetPrivateProfileSectionNamesW
SetEvent
CloseHandle
lstrcpyn
GetPrivateProfileIntA
SetThreadPriority
GetFileAttributesExW
UnhandledExceptionFilter
OpenMutexW
CreateMutexA
GlobalCompact
UnlockFile
TlsSetValue
QueryPerformanceCounter
InitializeCriticalSection
InterlockedExchange
RtlUnwind
GetCurrentProcessId
OpenWaitableTimerW
WriteProfileSectionA
GetEnvironmentStrings
TlsGetValue
LCMapStringW
HeapCreate
FreeEnvironmentStringsA
GetProcAddress
LCMapStringA
TerminateProcess
GetTimeZoneInformation
SetEnvironmentVariableW
VirtualFree
InterlockedDecrement
FoldStringW
SetConsoleTextAttribute
EnumDateFormatsW
EnterCriticalSection
FreeEnvironmentStringsW
MultiByteToWideChar
GetNamedPipeInfo
ReadFile
SetFilePointer
GetTickCount
GetVersionExA
LocalReAlloc
GetPrivateProfileIntW
LocalShrink
GetNamedPipeHandleStateW
WriteFile
GetVersionExW
GetModuleHandleA
LocalFileTimeToFileTime
LeaveCriticalSection
IsBadWritePtr
CreateFileA
VirtualAlloc
DosDateTimeToFileTime
LoadLibraryA
GetStringTypeA
GetStringTypeW
HeapDestroy
GetTempPathA
GetFileType
CompareStringW
TlsAlloc
SetLastError
TlsFree
GetCPInfo
GetModuleFileNameA
GetStdHandle
WriteConsoleOutputCharacterA
SetConsoleCursorPosition
ExitThread
GetModuleFileNameW
SetWaitableTimer
FindAtomA
WaitNamedPipeW
CreateToolhelp32Snapshot
VirtualQuery
GetVersion
OpenMutexA
DeleteCriticalSection
GetCommandLineA
SetTimeZoneInformation
GetStartupInfoW
FillConsoleOutputCharacterW
FlushFileBuffers
GetCommandLineW
SetSystemTime
SetHandleCount
InterlockedIncrement
CreateFileW
LocalLock
HeapAlloc
GlobalAddAtomA
ConvertDefaultLocale
WaitForDebugEvent

shell32

SHBrowseForFolderW
SHFormatDrive

user32

SetMenuInfo
GetMenuItemRect
DdeGetLastError
CheckRadioButton
SetDoubleClickTime
GetMenu
CallMsgFilter
GetClassNameW
SetClipboardViewer
IsCharAlphaW
SetWindowsHookExA
MapWindowPoints
CallMsgFilterA
DialogBoxParamA
GetProcessWindowStation
CascadeChildWindows
EnumDesktopsW
WinHelpW
InsertMenuA
wsprintfA
SetMessageExtraInfo
GetWindowWord
BeginDeferWindowPos
UnionRect
MoveWindow
GetMenuCheckMarkDimensions
DdePostAdvise
MessageBoxA
ShowWindowAsync
RegisterDeviceNotificationW
PackDDElParam
GetWindowTextLengthW
ReplyMessage
CloseWindow
CreateCursor
GetMenuDefaultItem
EnumDisplayDevicesW
GetMessageA
FrameRect
RegisterClassExA
DdeUnaccessData
VkKeyScanA
OpenWindowStationA
GetClipboardFormatNameW
CreateMDIWindowW
DdeAddData
KillTimer
CloseDesktop
GetNextDlgGroupItem
EndTask
RegisterClassA
SetClassWord
GetClientRect
DefFrameProcW
ShowScrollBar
SetThreadDesktop
UnhookWindowsHook
DdeQueryStringA
SetRect
SetCapture
SetClassLongA
GetMenuStringA
CloseClipboard
DdeClientTransaction
GetWindowTextLengthA
wvsprintfA
SendIMEMessageExW

comctl32

CreateToolbar
ImageList_DrawIndirect
ImageList_GetFlags
CreateStatusWindowW
CreateMappedBitmap
ImageList_GetImageInfo
DrawInsert
InitCommonControlsEx

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a91efc5354978d601011a0155329ffb5

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

user32

comctl32

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 108KB - Virtual size: 121KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 108KB - Virtual size: 121KB

.rsrc
Size: 12KB - Virtual size: 10KB