eb75bfd101986593a3b499db2b612998_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb75bfd101986593a3b499db2b612998_JaffaCakes118
Size

547KB
MD5

eb75bfd101986593a3b499db2b612998
SHA1

21f6cce3df26c064859907073bdbf372372fdfda
SHA256

16c481ddaddb53275a880f6356ecfa3284148b16752bb52f07d176bc75b631a6
SHA512

83d0728cced20f54cb3b1cca0a9479f1edc8de1128608fae8d361f609f80087c1e39b5000f205410bf390c610862586e77f60346906ca7e086a1b59e10012f51
SSDEEP

12288:7+VMmkdCc8Jc7hV/6YsYj1fRrgwLlKotI83aMyyej7ZlfrIa4WG:7+ird78JB/mxRUgHO8KMyyGNlfUp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb75bfd101986593a3b499db2b612998_JaffaCakes118

Files

eb75bfd101986593a3b499db2b612998_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab84ed44ba0ac0107ac67632ab83f83d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\KOXAV\NS

Imports

kernel32

GetStartupInfoW
LeaveCriticalSection
SetLastError
SetStdHandle
WriteConsoleW
GetVersionExA
SetHandleCount
EnterCriticalSection
GetConsoleMode
GetFileType
SetUnhandledExceptionFilter
RtlUnwind
CloseHandle
GetTimeFormatA
IsValidLocale
WriteFile
TlsSetValue
GetTickCount
VirtualProtect
QueryPerformanceCounter
GetModuleFileNameA
InterlockedDecrement
SetFilePointer
FreeEnvironmentStringsA
CompareStringA
FlushFileBuffers
TryEnterCriticalSection
GetCommandLineA
VirtualFree
GetLastError
GetStringTypeA
VirtualQuery
TerminateProcess
CreateMutexA
WriteProfileSectionA
FreeLibrary
GetThreadSelectorEntry
GetOEMCP
VirtualAlloc
HeapAlloc
TlsGetValue
HeapFree
GetCommandLineW
GetCurrentProcessId
GetTimeZoneInformation
HeapSize
InterlockedExchange
InterlockedIncrement
EnumCalendarInfoA
IsDebuggerPresent
GetCPInfo
GetConsoleOutputCP
GetStringTypeW
GetACP
CreateFileA
EnumResourceLanguagesW
GetProcAddress
LCMapStringA
Sleep
TlsAlloc
CompareStringW
DeleteCriticalSection
GetEnvironmentStringsW
HeapReAlloc
ReadFile
InitializeCriticalSection
SetEnvironmentVariableA
GetConsoleCP
FreeEnvironmentStringsW
GetStdHandle
ExitProcess
GetModuleHandleA
GetCurrentThreadId
GetModuleFileNameW
GetDateFormatA
GetProcessHeap
GetCurrentThread
LCMapStringW
OpenMutexA
MultiByteToWideChar
GetSystemTimeAsFileTime
WriteConsoleA
HeapCreate
SetConsoleCtrlHandler
CreatePipe
LoadLibraryA
IsValidCodePage
GetLocaleInfoW
HeapDestroy
WideCharToMultiByte
EnumSystemLocalesA
SetConsoleMode
LocalFileTimeToFileTime
GetCurrentProcess
GetLocaleInfoA
UnhandledExceptionFilter
GetStartupInfoA
GetEnvironmentStrings
GetUserDefaultLCID
TlsFree
WriteProfileStringW

shell32

RealShellExecuteExA
ExtractAssociatedIconExW

user32

ShowWindow
DdeClientTransaction
RegisterClassA
CreateWindowExA
RegisterClassExA
MessageBoxA
EnumPropsExW

gdi32

PlayEnhMetaFile
GetPixelFormat
SelectClipPath
AbortDoc
CreateEnhMetaFileW
CreateDCW
CreateDCA
SetAbortProc
GetWindowOrgEx
GetEnhMetaFileA
GetObjectType
GetTextMetricsW
CopyEnhMetaFileW
CreateColorSpaceW
GetViewportOrgEx
SetPixelFormat
ResetDCW
GdiPlayScript
SetBitmapDimensionEx
ExtEscape
GetDeviceCaps
CreateScalableFontResourceA
GetMiterLimit
SetEnhMetaFileBits
DeleteDC
PolyDraw

advapi32

RegSetValueW
RegConnectRegistryA

comctl32

ImageList_DrawIndirect
ImageList_Copy
InitMUILanguage
ImageList_Write
ImageList_DragMove
CreateToolbarEx
ImageList_GetImageCount
ImageList_DrawEx
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_GetBkColor
DrawInsert
CreateToolbar
ImageList_Create
ImageList_SetDragCursorImage
ImageList_GetIcon
ImageList_DragEnter

wininet

FindCloseUrlCache
InternetReadFileExA
InternetSetCookieA

Sections

.text
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab84ed44ba0ac0107ac67632ab83f83d

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

user32

gdi32

advapi32

comctl32

wininet

Sections

.text Size: 341KB - Virtual size: 341KB

.rdata Size: 39KB - Virtual size: 56KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 341KB - Virtual size: 341KB

.rdata
Size: 39KB - Virtual size: 56KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 60KB - Virtual size: 59KB