dbcb99f1ae5f8d859a92bc9a737b78aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbcb99f1ae5f8d859a92bc9a737b78aa_JaffaCakes118
Size

510KB
MD5

dbcb99f1ae5f8d859a92bc9a737b78aa
SHA1

352991e0e8f6dd4513b1bfcc8419d4d511ac7018
SHA256

8f9bb9a91d5934e95a3542727c01f15b2ff6140c8d74144e0f3e7814f5f36489
SHA512

dfaf0be4921b4a432a0c18325810b7f3af44c0faf8c01743b2c076d57e65e1f0ff92c7f5421699875b29ed4ab18d45a9c6bf1f00c16e97803674589669635959
SSDEEP

12288:gKioIXmoHCwJ4TcmJrNmoRu5DT7TUPwx:IXmoXzaMWuNPoU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbcb99f1ae5f8d859a92bc9a737b78aa_JaffaCakes118

Files

dbcb99f1ae5f8d859a92bc9a737b78aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28918623f1578da945ee9ffffa1ac5e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\uraqbutaa.pdb

Imports

kernel32

GetModuleFileNameA
OpenMutexA
TlsSetValue
InterlockedIncrement
WriteConsoleW
SetConsoleCtrlHandler
GetLastError
GetCommandLineA
EnterCriticalSection
FlushFileBuffers
GetModuleHandleW
DeleteCriticalSection
GetDateFormatA
IsValidLocale
VirtualFree
VirtualQuery
GetOEMCP
MultiByteToWideChar
TerminateProcess
GetACP
GetFileType
LCMapStringW
HeapAlloc
GetStartupInfoA
CreateFileA
GetCurrentProcess
TlsFree
WideCharToMultiByte
HeapSize
VirtualAlloc
InterlockedDecrement
GetTimeZoneInformation
SetEnvironmentVariableA
GetConsoleMode
HeapReAlloc
GetEnvironmentStrings
LoadLibraryA
SetStdHandle
TlsGetValue
GetLocaleInfoA
GetCurrentThreadId
ReadFile
GetEnvironmentStringsW
InterlockedExchange
LeaveCriticalSection
GetSystemTimeAsFileTime
GetStdHandle
ExitProcess
RtlUnwind
GetStringTypeW
GetTimeFormatA
LCMapStringA
QueryPerformanceCounter
FreeEnvironmentStringsA
WriteFile
CompareStringA
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCPInfo
CloseHandle
CreateMutexA
FreeLibrary
WriteConsoleA
GetConsoleOutputCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
IsValidCodePage
FreeResource
Sleep
IsDebuggerPresent
GetCurrentProcessId
GetConsoleCP
GetProcAddress
CompareStringW
HeapCreate
GetTickCount
GetModuleHandleA
HeapFree
SetHandleCount
EnumSystemLocalesA
GetStringTypeA
GetUserDefaultLCID
SetLastError
GetCurrentThread
GetLocaleInfoW
HeapDestroy

user32

SendNotifyMessageW
DefFrameProcW
GetClipCursor
SetMenu
RemoveMenu
GetDlgItemInt
WinHelpW
OemToCharBuffW
DragDetect
GetKBCodePage
FindWindowExW
CreateWindowExW
GetClipboardOwner
EnumDisplayDevicesA
wsprintfA
EnumWindowStationsW
BroadcastSystemMessage
GetMessageA
InsertMenuA
SetWindowsHookExW
CreateMDIWindowW
OemToCharA
SetClipboardData
RegisterClassA
EnableWindow
DdeQueryStringW
RegisterClassExA

comctl32

InitCommonControlsEx

Sections

.text
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28918623f1578da945ee9ffffa1ac5e5

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 319KB - Virtual size: 318KB

.rdata Size: 57KB - Virtual size: 62KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 319KB - Virtual size: 318KB

.rdata
Size: 57KB - Virtual size: 62KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 27KB - Virtual size: 27KB