dbb81ac527ac2bc5919b868d34595c24_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbb81ac527ac2bc5919b868d34595c24_JaffaCakes118
Size

531KB
MD5

dbb81ac527ac2bc5919b868d34595c24
SHA1

89bf9b6eff472bc6a42a1035c6c95b9d294e3db2
SHA256

b2aaa5274eaaf02081c22deeac44bbce96250bf0febc51ffdb6491fe23bf8c75
SHA512

2833330bcd74542e42f42d857e13b989fbed70ef4eb97618c8f277bfa0f46eec81b66917e1e7076ffb118511dd1d71d79412aa68a6edf393a07b6e42d34757e0
SSDEEP

12288:azKBJBT07/mZwPFBHqyChGd0TtkZhCZ1qVQ5KwMYEnrNT:ayo7/mZwPFlqfhGVZMrqVQ5nmn5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbb81ac527ac2bc5919b868d34595c24_JaffaCakes118

Files

dbb81ac527ac2bc5919b868d34595c24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56cd642ab6536752a9add60d75cb907c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\YPREUAUYOW\OAEVOEA\RTT\ZXBDVCHEAE\XEWTLVGA\PYEW.PDB

Imports

kernel32

GetTickCount
GetCurrentProcessId
EnterCriticalSection
HeapFree
VirtualQuery
GetCurrentProcess
GetOEMCP
GetStdHandle
HeapCreate
IsValidCodePage
InterlockedExchange
IsDebuggerPresent
GetFileType
FreeEnvironmentStringsW
SetHandleCount
GetProcAddress
GetProcessHeap
WriteFile
ReadFile
GetCPInfo
TlsGetValue
CloseHandle
GetModuleFileNameA
InitializeCriticalSection
GetConsoleOutputCP
VirtualFree
LoadLibraryA
SetFilePointer
GetVersionExA
DeleteCriticalSection
TlsAlloc
GetLocaleInfoW
SetLastError
CompareStringA
GetCurrentThreadId
InterlockedIncrement
ExitProcess
CreateMutexA
EnumSystemLocalesA
TerminateProcess
GetACP
GetSystemDirectoryW
GetEnvironmentStrings
FlushFileBuffers
LeaveCriticalSection
CompareStringW
SetStdHandle
GetEnvironmentStringsW
CreateFileA
MultiByteToWideChar
GetConsoleMode
HeapReAlloc
WriteConsoleW
GetStringTypeW
FreeLibrary
LCMapStringW
HeapSize
GetStringTypeA
GetTimeFormatA
GetSystemTimeAsFileTime
WriteConsoleA
GetCommandLineA
GetDateFormatA
OpenMutexA
QueryPerformanceCounter
VirtualAlloc
SetConsoleCtrlHandler
LCMapStringA
GetTimeZoneInformation
GetStartupInfoA
GetConsoleCP
HeapAlloc
GetCurrentThread
UnhandledExceptionFilter
GetModuleHandleA
IsValidLocale
EnumSystemCodePagesW
SetEnvironmentVariableA
GetLastError
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
WideCharToMultiByte
InterlockedDecrement
GetUserDefaultLCID
TlsFree
HeapDestroy
TlsSetValue
GlobalCompact
RtlUnwind
GetLocaleInfoA
Sleep

comctl32

InitCommonControlsEx

advapi32

RegEnumValueA
GetUserNameW
RegSaveKeyA
CryptSetProviderExA
CryptDestroyHash
CryptGetKeyParam
RegSetValueExA
CryptSetProviderExW
RegEnumKeyW
CryptEnumProvidersA
CryptHashSessionKey
LogonUserA
CryptEnumProviderTypesA
RegFlushKey
RegSetValueW

comdlg32

GetSaveFileNameA
ReplaceTextW
FindTextW

wininet

FindFirstUrlCacheGroup
InternetDialW
UnlockUrlCacheEntryFileW
InternetGetCertByURLA

user32

GetWindowInfo
DdeQueryConvInfo
IsChild
DrawStateA
EndDialog
RegisterClassA
PostMessageW
AppendMenuA
SetWindowTextW
SetClassWord
SetRectEmpty
MoveWindow
WINNLSGetIMEHotkey
SendInput
RegisterClassExA
RegisterWindowMessageA
InvalidateRgn
MapVirtualKeyExW
BeginPaint
GetDlgItemInt
EnumWindows

Sections

.text
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56cd642ab6536752a9add60d75cb907c

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

advapi32

comdlg32

wininet

user32

Sections

.text Size: 349KB - Virtual size: 349KB

.rdata Size: 56KB - Virtual size: 68KB

.data Size: 109KB - Virtual size: 108KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 349KB - Virtual size: 349KB

.rdata
Size: 56KB - Virtual size: 68KB

.data
Size: 109KB - Virtual size: 108KB

.rsrc
Size: 16KB - Virtual size: 15KB