0e2b921e49fe3e23c77b8b2025a1773f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0e2b921e49fe3e23c77b8b2025a1773f_JaffaCakes118
Size

293KB
MD5

0e2b921e49fe3e23c77b8b2025a1773f
SHA1

19cca9b8a19ed4f11e3c398e28ed6b8914843ae0
SHA256

02cc5dcd7e68cc6d2cd6a7df1a830e5cfaa871305b5d32aaebd183d7f851c76f
SHA512

20556d68b4ebf14cc2ecd03a2f82afb11bfadb06c9dda082386c05beba8a5c72f5c671a63a626c4ddb3809f9612a20f457cafe25c1b296237217956dd0c4f0e3
SSDEEP

6144:6ItSbCs+ehBKs+ZXolqyFXpI4ht6DE76SAHtSj6sjoLj4cGxfNFupDE:BsbCs+ZXo11z7KIoLVG9NktE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e2b921e49fe3e23c77b8b2025a1773f_JaffaCakes118

Files

0e2b921e49fe3e23c77b8b2025a1773f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fab4bf4cfb81aeea7b3de33fa6d224f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\speehgdlx\tlrvoo\qtamtgao.pdb

Imports

comctl32

ImageList_LoadImageA
ImageList_AddIcon
InitCommonControlsEx
ImageList_GetFlags
ImageList_DragEnter
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_DrawIndirect
CreatePropertySheetPage
CreateUpDownControl
ImageList_EndDrag
ImageList_AddMasked
ImageList_GetImageCount
ImageList_SetFilter
MakeDragList
ImageList_LoadImageW
ImageList_Destroy

user32

DefDlgProcW
CharToOemBuffW
GetForegroundWindow
DrawMenuBar
RegisterClassExA
PostQuitMessage
GetDoubleClickTime
RegisterClassA
TrackPopupMenuEx
DdeAbandonTransaction
OffsetRect
CheckMenuRadioItem
EndDeferWindowPos
CallMsgFilterA
GetKeyboardLayoutList

wininet

ShowX509EncodedCertificate
IsUrlCacheEntryExpiredA
FtpRenameFileW
InternetOpenUrlW
HttpSendRequestA
GopherOpenFileW
CreateUrlCacheEntryA
InternetCreateUrlW

shell32

SHBrowseForFolder
SHUpdateRecycleBinIcon
RealShellExecuteExW
SHEmptyRecycleBinA

kernel32

LoadLibraryW
HeapCreate
LoadLibraryA
TerminateProcess
GetStdHandle
GetCurrentProcess
ReleaseSemaphore
LCMapStringA
GetStartupInfoA
GetTimeZoneInformation
CompareStringA
HeapReAlloc
GetSystemTimeAsFileTime
GetStringTypeW
ReadFile
FreeEnvironmentStringsW
RtlUnwind
UnhandledExceptionFilter
GetEnvironmentVariableA
OpenMutexW
IsValidLocale
CompareStringW
GetEnvironmentStrings
FlushFileBuffers
GetOEMCP
GetTimeFormatA
GetCurrentProcessId
GetCurrentThread
VirtualQuery
SetLocaleInfoW
SetEnvironmentVariableA
CreateMutexA
GetEnvironmentStringsW
EnterCriticalSection
QueryPerformanceCounter
InitializeCriticalSection
DeleteFileA
HeapSize
VirtualAlloc
GetUserDefaultLCID
WriteFile
SetHandleCount
TlsFree
SetWaitableTimer
GetLastError
GetCommandLineA
GetModuleFileNameA
FreeEnvironmentStringsA
GetCommandLineW
SetLastError
GetConsoleTitleW
GetCurrentThreadId
GetStartupInfoW
ExitProcess
IsBadWritePtr
TlsAlloc
SetStdHandle
CreateMailslotA
SetEndOfFile
TlsGetValue
GetFileType
InterlockedExchange
CloseHandle
GetModuleHandleA
DeleteCriticalSection
GetLocaleInfoW
GetDateFormatA
OpenMutexA
WideCharToMultiByte
IsValidCodePage
LCMapStringW
HeapFree
GetModuleFileNameW
GetSystemInfo
EnumSystemLocalesA
HeapDestroy
LeaveCriticalSection
SetFilePointer
GetTickCount
GetVersionExA
GetStringTypeA
TlsSetValue
VirtualFree
GetProcAddress
GetLocaleInfoA
GetCPInfo
MultiByteToWideChar
GetACP
VirtualProtect
HeapAlloc

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fab4bf4cfb81aeea7b3de33fa6d224f3

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

wininet

shell32

kernel32

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 23KB - Virtual size: 53KB

.data Size: 86KB - Virtual size: 85KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 23KB - Virtual size: 53KB

.data
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 8KB - Virtual size: 7KB