db130f3e18c468bbe573dc282082492c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

db130f3e18c468bbe573dc282082492c_JaffaCakes118
Size

323KB
MD5

db130f3e18c468bbe573dc282082492c
SHA1

9a04cc3e6ae198281d3f9c56684630803ae035aa
SHA256

e88249055702c863040b1ea0595d13fb033008dc4e467b84739ed871fcf73810
SHA512

b91f603ed4fa42a6bcd2e9bb18f8b2fecaa9d6952035b93ea12179ed2a373416823cbdcf52e18b5bde4b7531a41231a88a27ecfa581dba4f63862f93071b4aca
SSDEEP

6144:b8qs6sXiiEAccmrDF5hZT1jw2sBLlfGnrVUboaMuh0HMCGsa:ABjEATmrDFh1hsBZfGZ5zHDla

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db130f3e18c468bbe573dc282082492c_JaffaCakes118

Files

db130f3e18c468bbe573dc282082492c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c4987bd015be07d5ca071cd8c9e16ab6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Must\appear\tone\Eat\kingPeriod.pdb

Imports

kernel32

HeapSize
LCMapStringA
GetACP
GetCPInfo
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetOEMCP
WideCharToMultiByte
LCMapStringW
CloseHandle
DeleteCriticalSection
VirtualProtect
GetProcAddress
CreateFileW
Sleep
GetProcessHeap
GetTickCount
HeapAlloc
GetFileSize
IsValidCodePage
GetEnvironmentVariableW
VirtualAlloc
EnterCriticalSection
GetModuleHandleA
LeaveCriticalSection
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
GetLastError
HeapFree
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId

user32

DispatchMessageW
RegisterHotKey
CloseClipboard
GetMessageW
TrackPopupMenu
RegisterWindowMessageW
FillRect
LoadImageW
PostMessageW
IsWindowEnabled
DrawIcon
WindowFromPoint
UnhookWinEvent
CreateMenu
TranslateMessage
IsDialogMessageW
LoadIconW
OffsetRect
CheckMenuRadioItem
AppendMenuW
GetClassNameW
EndDialog
GetActiveWindow
DeferWindowPos
BeginDeferWindowPos
UnregisterHotKey
DrawFrameControl

gdi32

GetTextExtentPoint32W
SetViewportOrgEx
StretchBlt
SetPixel
SelectObject
TextOutW
PatBlt

comctl32

ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_Draw

advapi32

RegCloseKey
AdjustTokenPrivileges
ControlService
RegisterServiceCtrlHandlerW
RegOpenKeyExW
FreeSid
SetServiceStatus
AllocateAndInitializeSid
LookupPrivilegeValueW
InitializeSecurityDescriptor
RegQueryValueExW
RegEnumKeyW
GetTokenInformation
StartServiceCtrlDispatcherW
DeleteService
OpenProcessToken
CloseServiceHandle
CreateServiceW
RegSetValueExW

winmm

PlaySoundW
timeBeginPeriod

oleacc

GetOleaccVersionInfo
AccessibleObjectFromPoint

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4987bd015be07d5ca071cd8c9e16ab6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comctl32

advapi32

winmm

oleacc

Sections

.text Size: 196KB - Virtual size: 196KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 9KB - Virtual size: 48KB

.rsrc Size: 93KB - Virtual size: 93KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 196KB - Virtual size: 196KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 9KB - Virtual size: 48KB

.rsrc
Size: 93KB - Virtual size: 93KB

.reloc
Size: 8KB - Virtual size: 7KB