133dbd3fb1f519a27723fbd6ec0e7300_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

133dbd3fb1f519a27723fbd6ec0e7300_JaffaCakes118
Size

348KB
MD5

133dbd3fb1f519a27723fbd6ec0e7300
SHA1

0f235685063ee94963d98dc70a7997d0ef28718c
SHA256

455c8ac83617401dfcb43f095c1586bed1328703eda9d3058e6e0d869754b5f3
SHA512

c8f19d97b0d9c1667097a55f5e6b28643eede15b7b23cb5c7710c75ac942272d7717ae11d6c795f090e780f266b373c0a2694955f37a991c6792bc55b93ac8b4
SSDEEP

6144:g83DigFiFOvPTJ/+35h9cbCGTaweoOC5/S9JXo4zEH:g8WDFOnT435Xc2/toOC5/wJEH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
133dbd3fb1f519a27723fbd6ec0e7300_JaffaCakes118

Files

133dbd3fb1f519a27723fbd6ec0e7300_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0812e3f18aee1374f58bac5dfb216aa0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\nubaeo\etf

Imports

comctl32

ImageList_DrawIndirect
GetEffectiveClientRect
InitCommonControlsEx
ImageList_Replace
ImageList_Create
ImageList_DrawEx
ImageList_GetIcon
CreateMappedBitmap
CreateStatusWindowW
ImageList_GetImageInfo
ImageList_SetImageCount
ImageList_Write
ImageList_ReplaceIcon
ImageList_Copy
CreatePropertySheetPageA
ImageList_Destroy
CreateToolbar
ImageList_Draw
ImageList_SetIconSize
CreateUpDownControl
DrawStatusText

kernel32

GetStdHandle
GetSystemTime
GetEnvironmentStringsW
GetTickCount
CompareStringW
TerminateProcess
GetCurrentThread
SetFilePointer
GetSystemTimeAsFileTime
CreateMutexA
ReadFile
FillConsoleOutputAttribute
VirtualQuery
GetCommandLineW
LoadLibraryA
TlsGetValue
CloseHandle
MultiByteToWideChar
GetVersion
IsBadWritePtr
FreeEnvironmentStringsA
InitializeCriticalSection
GetPrivateProfileStructA
HeapFree
GetStringTypeW
HeapReAlloc
LeaveCriticalSection
GetCommandLineA
SetStdHandle
InterlockedIncrement
GetCurrentProcess
QueryPerformanceCounter
SetLastError
GetModuleHandleA
EnterCriticalSection
HeapDestroy
SetEnvironmentVariableA
TlsFree
LCMapStringW
HeapCreate
FlushFileBuffers
InterlockedExchange
VirtualAlloc
LCMapStringA
GetStringTypeA
VirtualFree
UnhandledExceptionFilter
GetCPInfo
CompareStringA
InterlockedDecrement
GetCurrentProcessId
GetStartupInfoW
GetModuleFileNameA
GetLocalTime
TlsSetValue
ExitProcess
OpenMutexA
GetModuleFileNameW
GlobalUnlock
RtlUnwind
WriteFile
GetStartupInfoA
WideCharToMultiByte
GetLastError
GetFileType
WriteConsoleInputA
GetTimeZoneInformation
HeapAlloc
GetConsoleMode
CreateDirectoryExA
WriteProfileSectionA
LockFile
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCurrentThreadId
lstrcmp
DeleteCriticalSection
GetProcAddress
SetHandleCount
TlsAlloc

user32

DdeGetLastError
RealGetWindowClass
CharPrevExA
CreateWindowStationW
GetCaretPos
TrackPopupMenuEx
RegisterDeviceNotificationA
GetGuiResources
RegisterClassExA
ChangeDisplaySettingsExA
ToUnicode
DefWindowProcW
DdeUninitialize
CreateWindowExA
ShowWindow
SetScrollInfo
DestroyWindow
DrawEdge
MessageBoxW
GrayStringA
DlgDirListW
CheckMenuItem
RegisterClassA
SetScrollPos
GetMenuBarInfo

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0812e3f18aee1374f58bac5dfb216aa0

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 88KB - Virtual size: 107KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 88KB - Virtual size: 107KB

.rsrc
Size: 64KB - Virtual size: 60KB