e04cdef9dfb00054e89ef6665355331b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e04cdef9dfb00054e89ef6665355331b_JaffaCakes118
Size

596KB
MD5

e04cdef9dfb00054e89ef6665355331b
SHA1

afa3e8ec7e628ebb24d0c2aa8a88f30806edae08
SHA256

7a62d33c489e13779e6546a6f242ea7a8e26c35ff1b4e697862d60bbc2f85408
SHA512

6dd6cce8dd53ef74d566bcd6dadf785f7001ca4234c5a9d0b12dac89bea058d6fcd2ec13094b98d54a8ad76277ba69e3fe59fe8d78459699d66305fd3b519a02
SSDEEP

12288:kFXMzjdm52iETYwShgP1BFFkuPIlDWYf/cKzPNHrSrHf:G6je2JYwShgdBED1/cKzRU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e04cdef9dfb00054e89ef6665355331b_JaffaCakes118

Files

e04cdef9dfb00054e89ef6665355331b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

306bd11f180edc2074ba382a4ceeb04c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\zbijoairfj\nuaqriorsl\xwcre

Imports

gdi32

Pie
CreateCompatibleDC
CombineTransform
Ellipse
SetICMMode
GetEnhMetaFilePaletteEntries
GetGlyphOutline
CreateFontW
DPtoLP
CreateRectRgn

kernel32

VirtualQuery
WaitForMultipleObjects
Sleep
QueryPerformanceCounter
GetCurrentProcessId
GetFileType
CreateFileA
WriteConsoleA
SetEnvironmentVariableA
GetUserDefaultLCID
EnumSystemLocalesA
TlsGetValue
GetTimeZoneInformation
GetDateFormatA
ReadFile
GetStringTypeA
CreateMutexA
CloseHandle
FlushFileBuffers
WaitCommEvent
GetACP
OpenWaitableTimerA
OpenMutexA
GetProcessHeap
EnterCriticalSection
LCMapStringA
GetStringTypeExA
SetConsoleCtrlHandler
HeapReAlloc
SetLastError
IsValidCodePage
InterlockedExchange
GetModuleFileNameW
GetCPInfo
CopyFileA
GetTimeFormatA
GetLastError
GetModuleFileNameA
GetStartupInfoA
GetStartupInfoW
CompareStringA
GetConsoleMode
LeaveCriticalSection
VirtualAlloc
GetProcAddress
GetSystemInfo
HeapCreate
GetEnvironmentStringsW
WriteConsoleOutputCharacterW
SetFilePointer
GetLocaleInfoA
ExitProcess
HeapFree
CompareStringW
SetUnhandledExceptionFilter
TerminateProcess
GetConsoleCP
HeapAlloc
SetStdHandle
TlsSetValue
LCMapStringW
GetStringTypeW
WideCharToMultiByte
FreeEnvironmentStringsW
InitializeCriticalSection
IsValidLocale
FreeLibrary
InitializeCriticalSectionAndSpinCount
TlsAlloc
LoadLibraryA
InterlockedIncrement
SetFileAttributesW
GetTickCount
GetModuleHandleA
GetVersionExA
GetOEMCP
GetSystemTimeAsFileTime
WriteFile
GetStdHandle
HeapDestroy
IsDebuggerPresent
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
GlobalFindAtomA
VirtualFree
GetLocaleInfoW
GetConsoleOutputCP
GetCommandLineA
WriteConsoleW
SetConsoleMode
GetCommandLineW
SetHandleCount
GetEnvironmentStrings
HeapSize
CreateFileMappingW
GetCurrentProcess
InterlockedDecrement
MultiByteToWideChar
TlsFree
GetCurrentThread
DeleteCriticalSection
GetCurrentThreadId

user32

ShowWindow
CreateWindowExW
MapDialogRect
InsertMenuItemW
GetNextDlgTabItem
MenuItemFromPoint
RegisterHotKey
RegisterClassA
ReleaseCapture
DrawEdge
GetMessageA
CharUpperBuffA
IsCharAlphaA
SetMenuDefaultItem
IsMenu
EnumPropsExW
EnumDisplaySettingsA
SetWindowLongA
DeferWindowPos
GetClipboardFormatNameW
GetUserObjectInformationW
IsWindowUnicode
RegisterClassExA
OpenWindowStationA
SendInput
DestroyWindow
MessageBoxA
DefWindowProcW

comctl32

ImageList_DragLeave
_TrackMouseEvent
ImageList_SetOverlayImage
ImageList_Remove
ImageList_ReplaceIcon
InitCommonControlsEx

wininet

InternetSetDialState
FtpSetCurrentDirectoryA
InternetSecurityProtocolToStringA
CommitUrlCacheEntryA
SetUrlCacheEntryGroupW
HttpSendRequestExW

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

306bd11f180edc2074ba382a4ceeb04c

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

comctl32

wininet

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 112KB - Virtual size: 129KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 112KB - Virtual size: 129KB

.rsrc
Size: 48KB - Virtual size: 47KB