254419e858bb5f60138763da24958af0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

254419e858bb5f60138763da24958af0_JaffaCakes118
Size

1.3MB
MD5

254419e858bb5f60138763da24958af0
SHA1

2e329d357fb433543818f09c521b043bdc661d60
SHA256

faa4a310269d403ba1159ff0e1bfe05c83204d41d97078e34081ac8c629e6379
SHA512

a290567cc5b253c5d0a072cb2044242aed24956495d336dea1c864952653d9fc23301a0ad2a05e8cf367403aaa83e6b2549c8c657b29e28ab82ef1c39c1bd8dc
SSDEEP

24576:F1ozGD8KFL/chBt2eFQTlHSsrI99SDGWrkCy23matqdqdqTqpq7qtq:FkJ2lTpSskXSDGWrz2atqdqdqTqpq7qc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
254419e858bb5f60138763da24958af0_JaffaCakes118

Files

254419e858bb5f60138763da24958af0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2acaca9a1c9106a08aa5ae8d1d893ddc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\hiyo\teut.pdb

Imports

comdlg32

GetOpenFileNameW
ChooseFontA
ChooseFontW
ChooseColorW

kernel32

SetEnvironmentVariableA
GetLocaleInfoA
IsDebuggerPresent
CompareStringW
CloseHandle
CompareStringA
GetCPInfo
GetLastError
GetStartupInfoA
IsValidCodePage
SetComputerNameA
GetProcAddress
TlsAlloc
WriteConsoleW
EnumSystemLocalesA
lstrcpyn
TlsSetValue
WriteConsoleOutputCharacterA
LCMapStringA
SetStdHandle
InterlockedExchange
FreeEnvironmentStringsW
DeleteCriticalSection
WriteFile
GetUserDefaultLCID
TlsFree
SetConsoleWindowInfo
GetOEMCP
GetSystemTimeAsFileTime
GetACP
VirtualQuery
GetTickCount
SetUnhandledExceptionFilter
HeapAlloc
GetStringTypeA
VirtualAlloc
LeaveCriticalSection
GlobalGetAtomNameW
GetAtomNameA
HeapCreate
WriteProfileStringW
InterlockedDecrement
HeapFree
GetConsoleOutputCP
WriteConsoleA
GetTimeFormatA
GetProcessHeap
SetConsoleCtrlHandler
GetCommandLineW
GetModuleFileNameW
CreateFileA
GetStdHandle
VirtualFree
GetCommandLineA
LockFileEx
QueryPerformanceCounter
HeapDestroy
RtlUnwind
GetFileType
FreeLibrary
GetLogicalDriveStringsA
TerminateProcess
MultiByteToWideChar
SetHandleCount
GetVersionExA
GetStartupInfoW
CreateToolhelp32Snapshot
HeapSize
CreateMutexA
GetConsoleCursorInfo
ExitProcess
GetLocaleInfoW
GlobalFree
EnumResourceLanguagesA
LCMapStringW
GetCurrentThreadId
SetLastError
GetStringTypeW
OpenMutexA
GetEnvironmentStrings
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetCurrentProcessId
GetCurrentProcess
ReadFile
LoadLibraryA
EnterCriticalSection
WideCharToMultiByte
InterlockedIncrement
ResetEvent
SetFilePointer
GetCurrentThread
HeapReAlloc
TlsGetValue
GetModuleFileNameA
GetModuleHandleA
FlushFileBuffers
GetEnvironmentStringsW
InitializeCriticalSection
Sleep
GetDateFormatA
SetConsoleCursorPosition
GetConsoleMode
IsValidLocale
GetConsoleCP
FindAtomA
GetTempPathW
GetTimeZoneInformation
FindResourceExA

user32

RegisterClassExA
SetClassWord
GetUserObjectInformationA
DefWindowProcA
DdeQueryStringW
KillTimer
CreateWindowExW
ReuseDDElParam
RegisterClassA
ShowWindow
DestroyWindow
GetMonitorInfoW
MessageBoxA

comctl32

DestroyPropertySheetPage
DrawInsert
InitMUILanguage
ImageList_DrawEx
ImageList_DragShowNolock
CreateToolbarEx
_TrackMouseEvent
CreatePropertySheetPageW
InitCommonControlsEx
CreateToolbar
ImageList_LoadImageA
ImageList_GetIconSize

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 247KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 899KB - Virtual size: 888KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2acaca9a1c9106a08aa5ae8d1d893ddc

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

user32

comctl32

Sections

.text Size: 149KB - Virtual size: 149KB

.rdata Size: 247KB - Virtual size: 258KB

.data Size: 899KB - Virtual size: 888KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 149KB - Virtual size: 149KB

.rdata
Size: 247KB - Virtual size: 258KB

.data
Size: 899KB - Virtual size: 888KB

.rsrc
Size: 10KB - Virtual size: 9KB