fd2c175117d32a709d34f88aa8f69e9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd2c175117d32a709d34f88aa8f69e9d_JaffaCakes118
Size

491KB
MD5

fd2c175117d32a709d34f88aa8f69e9d
SHA1

bc5b52cf5b62beb0d9aeb196e5904badfa4f837b
SHA256

39000ebfe1151889af2beb3c666f24854c0cf268c5671fc4549e6cdeecf936e8
SHA512

7a352e047f316d6fb9be13d52c945065187e38b824e997dab89b1d8153dcc5981325b4bc067b5a66675693bf9cf2901be267c331c90ff51ab1bbd60a8c2dcab0
SSDEEP

12288:HAzZyMbqfq3x3s//y6ujNGFR64u4X2ikUiXGbZf:HA9yMbqSh8lwcr5u4X25Gb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd2c175117d32a709d34f88aa8f69e9d_JaffaCakes118

Files

fd2c175117d32a709d34f88aa8f69e9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

579cb3dbf7f63d8dc9d9ed0c19b7c0c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\PETEEYYS\BFVEIV\SXT\PCI\JEQDYVAT.PDB

Imports

gdi32

EnumICMProfilesW
LPtoDP
CopyEnhMetaFileW
EndPath
DrawEscape
SetWinMetaFileBits
SetWindowExtEx
PolyBezier
GetMetaFileW

kernel32

HeapCreate
LeaveCriticalSection
HeapDestroy
HeapAlloc
GetEnvironmentStringsW
UnhandledExceptionFilter
SetFilePointer
WriteFile
GetTimeZoneInformation
CompareStringA
FreeEnvironmentStringsW
InterlockedDecrement
InterlockedExchange
GetFileType
IsBadWritePtr
GetCurrentProcessId
LoadLibraryA
GetCommandLineW
LCMapStringW
SetHandleCount
GetCurrentProcess
GetCurrentThreadId
ReadFile
HeapReAlloc
GetStdHandle
GetModuleFileNameW
GetNumberFormatA
LCMapStringA
OpenProcess
GetSystemTimeAsFileTime
GetModuleHandleA
TerminateProcess
TlsAlloc
VirtualQuery
InitializeCriticalSection
FreeEnvironmentStringsA
GetModuleFileNameA
ExitProcess
RtlUnwind
VirtualFree
TlsGetValue
TlsFree
GetStartupInfoA
LocalLock
OutputDebugStringA
WideCharToMultiByte
GetSystemTime
SetStdHandle
OpenMutexA
LoadLibraryExA
GetStringTypeA
TlsSetValue
DeleteCriticalSection
SetLastError
GetStringTypeW
GetEnvironmentStrings
EnterCriticalSection
CreateMutexA
GetCurrentThread
LockFile
CompareStringW
InterlockedIncrement
FlushFileBuffers
SetEnvironmentVariableA
GetVersion
GetProcAddress
CloseHandle
GetLastError
GetTickCount
GetLocalTime
MultiByteToWideChar
GetCommandLineA
QueryPerformanceCounter
VirtualAlloc
GetCPInfo
HeapFree
GetPrivateProfileSectionNamesA
GetStartupInfoW

comdlg32

ChooseFontW
PrintDlgW
ReplaceTextA
FindTextA

user32

IsWindowEnabled
GetKBCodePage
FreeDDElParam
RegisterClassA
FindWindowExW
GetWindowInfo
GetAncestor
RemoveMenu
CharLowerBuffW
GrayStringW
RegisterClassExA
RemovePropA
GetParent
RegisterWindowMessageA
SetMenuItemInfoW
DrawStateW
TranslateMDISysAccel

comctl32

InitCommonControlsEx

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

579cb3dbf7f63d8dc9d9ed0c19b7c0c3

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

comdlg32

user32

comctl32

Sections

.text Size: 354KB - Virtual size: 354KB

.rdata Size: 16KB - Virtual size: 36KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 354KB - Virtual size: 354KB

.rdata
Size: 16KB - Virtual size: 36KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 15KB - Virtual size: 14KB