d444f6bf22ec00deb39ca09614e267a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d444f6bf22ec00deb39ca09614e267a6_JaffaCakes118
Size

500KB
MD5

d444f6bf22ec00deb39ca09614e267a6
SHA1

093d2460259e24e9a81f9dd8ec3185522ec49865
SHA256

0fe741c8e4fa6b12d94b9adb4d37ea07e469b26e260063e6d2c275693487e380
SHA512

27eb616d70c0239450f08ff9411c8fc6254250981f4be6d015826d22f174769ecb601b1063b69dbd0225e81086ec55e48aa4b2b61879a64d198a0b1df771801d
SSDEEP

12288:LoIfc7zPPY9DYMj10gHxC1fv8FXhH0pp3S7:LojnpM6sRZ0p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d444f6bf22ec00deb39ca09614e267a6_JaffaCakes118

Files

d444f6bf22ec00deb39ca09614e267a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3e11f50c9e48ee17cac072d7c4d00da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\hnc\enulw\fsspjox\ernrah\edvg\iebey.pdb

Imports

kernel32

GetStdHandle
IsValidLocale
GetCPInfo
HeapReAlloc
ExitProcess
LeaveCriticalSection
MultiByteToWideChar
GetSystemInfo
WriteFile
GetStringTypeW
IsValidCodePage
GetSystemTimeAdjustment
GetDateFormatA
GetCommandLineA
FreeEnvironmentStringsW
GetCurrentThreadId
GetSystemTimeAsFileTime
TlsGetValue
HeapDestroy
LCMapStringW
InitializeCriticalSection
GetTimeFormatA
GetLocaleInfoA
SetStdHandle
TerminateProcess
GetStartupInfoA
WideCharToMultiByte
GetModuleFileNameA
QueryPerformanceCounter
HeapCreate
GetModuleHandleA
DeleteCriticalSection
InterlockedExchange
AddAtomW
LCMapStringA
TlsAlloc
CompareStringW
GetTimeZoneInformation
IsBadWritePtr
GetCurrentProcess
FlushFileBuffers
ReadFile
EnumSystemLocalesA
GetOEMCP
VirtualQuery
VirtualFree
GetCurrentProcessId
GetProcAddress
GetLocaleInfoW
VirtualAlloc
GetUserDefaultLCID
GetCurrentThread
SetLastError
GetStringTypeA
GlobalGetAtomNameA
GetVersionExA
SetFilePointer
FreeEnvironmentStringsA
GetACP
HeapSize
GetFileType
GetThreadTimes
CreateMutexA
EnterCriticalSection
GetEnvironmentStringsW
UnhandledExceptionFilter
LoadLibraryA
GetEnvironmentStrings
HeapAlloc
SetEnvironmentVariableA
TlsSetValue
OpenMutexA
RtlUnwind
HeapFree
GetTickCount
SetHandleCount
GetLastError
TlsFree
CloseHandle
VirtualProtect
CompareStringA

user32

RegisterClassA
DispatchMessageA
ChangeMenuW
CharToOemBuffW
LoadBitmapA
EnumDesktopWindows
RegisterWindowMessageA
CloseClipboard
SetUserObjectInformationA
GetInputState
CharLowerA
BringWindowToTop
KillTimer
SetFocus
RegisterClassExA
CreateIcon
RegisterHotKey
DlgDirListComboBoxW
VkKeyScanExW
DdeGetLastError

wininet

InternetUnlockRequestFile
InternetGetConnectedState
FtpSetCurrentDirectoryA
InternetWriteFile
HttpQueryInfoA
InternetQueryOptionA
InternetAttemptConnect
HttpOpenRequestW

gdi32

EnumICMProfilesA
PolyDraw
TranslateCharsetInfo
SetTextCharacterExtra
PolyPolyline
GdiPlayScript
GetKerningPairsW
DeleteEnhMetaFile
GetMapMode
StartDocA
CloseMetaFile
GetBoundsRect
CloseEnhMetaFile
GetRasterizerCaps
GetWindowOrgEx
SetICMProfileW
CreateColorSpaceW
GetMetaFileW
SetWinMetaFileBits
PolyPolygon
SetViewportExtEx
CreateScalableFontResourceW
GetFontLanguageInfo
GetStretchBltMode

comctl32

InitCommonControlsEx

Sections

.text
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3e11f50c9e48ee17cac072d7c4d00da

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

wininet

gdi32

comctl32

Sections

.text Size: 329KB - Virtual size: 328KB

.rdata Size: 44KB - Virtual size: 56KB

.data Size: 105KB - Virtual size: 104KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 329KB - Virtual size: 328KB

.rdata
Size: 44KB - Virtual size: 56KB

.data
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 21KB - Virtual size: 20KB