d468861d749a6593c0dbb2f274bc0cd2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d468861d749a6593c0dbb2f274bc0cd2_JaffaCakes118
Size

395KB
MD5

d468861d749a6593c0dbb2f274bc0cd2
SHA1

aba90293044085b52c514a10db98e7c8f98d4cec
SHA256

7dc7f43c3f7cdb6a9e4bbfbdf69eb67eccfdf6daa9a30d1e41bb23cf0a7fa2fa
SHA512

a4a0cb24dcdda9b5f74a0da7788faf84694bc0fc3206b26f513370f159197e43d665664470f49124dfb2dffed7077d75924ab3828a0ec17aac5debe2bdd564d3
SSDEEP

6144:ReE94FPz0lDqg3V0YMwebiM1ut1oWTiO1Vazac/ycLXY9zuyr691lFrXfp5WqAZ:ReEO7UDqg3VxO31q1oPqc/tcQRR5WR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d468861d749a6593c0dbb2f274bc0cd2_JaffaCakes118

Files

d468861d749a6593c0dbb2f274bc0cd2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

02ca12fe904ba00f30b7585a93057146

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Z:\protect\Event\cancels\tend\beco.pdb

Imports

kernel32

LCMapStringW
GetStringTypeW
RtlUnwind
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
LoadLibraryW
SetStdHandle
WriteFile
InitializeCriticalSectionAndSpinCount
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
IsBadReadPtr
HeapValidate
IsProcessorFeaturePresent
IsDebuggerPresent
FlushFileBuffers
lstrcpyA
DeleteFileA
FileTimeToLocalFileTime
CloseHandle
FillConsoleOutputAttribute
GetModuleHandleA
FindNextFileA
GetConsoleScreenBufferInfo
LoadLibraryA
FindClose
GlobalFree
SetFileAttributesA
CopyFileA
BackupWrite
GetProcessHeaps
GetProcAddress
GetLastError
GetFullPathNameA
FindFirstFileA
GetStdHandle
CreateDirectoryA
MultiByteToWideChar
lstrcatA
EnumResourceLanguagesA
FileTimeToSystemTime
MulDiv
SetConsoleCursorPosition
GetFileAttributesA
Sleep
WaitForSingleObject
QueryPerformanceCounter
HeapAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
GetModuleFileNameW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
GetModuleHandleW
DecodePointer
CreateFileA
FillConsoleOutputCharacterA
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
CreateFileW

user32

GetDlgItemTextA
SetMenuItemInfoA
DestroyMenu
CallWindowProcA
SetClipboardData
UpdateWindow
GetDlgItemTextW
SetWindowTextA
GetSystemMetrics
OpenClipboard
GetMenuItemCount
GetMenuStringA
GetNextDlgTabItem
EndPaint
CloseClipboard
DestroyAcceleratorTable
GetWindowRect
PostQuitMessage
TrackPopupMenu
GetMenuItemID
GetSubMenu
CopyImage
GetFocus
LoadBitmapA
GetParent
LoadMenuA
wsprintfA
GetClientRect
SetFocus
SendMessageA
BeginPaint
SetScrollRange
GetDC
OffsetRect
SetRect
SetWindowLongA
UnionRect
InvalidateRect
SetScrollPos
ReleaseDC
EmptyClipboard
GetMenuState
GetDlgItem
EndDialog
DefWindowProcA
GetMenuItemInfoA

gdi32

MoveToEx
EndPage
BitBlt
PatBlt
GetTextExtentPoint32A
LineTo
StartPage
SetTextColor
DeleteDC
CreateFontA
CreateFontIndirectA
SetBkColor
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GdiSetBatchLimit
StartDocA
CreateRectRgn
GetTextExtentPointA
Escape
CreatePen
GetTextMetricsA
GetObjectA
TextOutW
EndDoc
GetStockObject
CreateSolidBrush
TextOutA
GetDeviceCaps

comdlg32

PrintDlgA
ChooseFontA

ole32

OleUninitialize
CoInitialize
OleFlushClipboard
OleInitialize
CreateStreamOnHGlobal
CoUnmarshalInterface

ws2_32

recv

userenv

GetProfilesDirectoryA

avifil32

AVIStreamCreate
AVIFileInit

version

GetFileVersionInfoW

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.roba
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.corn
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rezus
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02ca12fe904ba00f30b7585a93057146

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

ole32

ws2_32

userenv

avifil32

version

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 4KB - Virtual size: 13KB

.roba Size: 7KB - Virtual size: 7KB

.corn Size: 39KB - Virtual size: 39KB

.rezus Size: 41KB - Virtual size: 41KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 4KB - Virtual size: 13KB

.roba
Size: 7KB - Virtual size: 7KB

.corn
Size: 39KB - Virtual size: 39KB

.rezus
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 12KB - Virtual size: 12KB