552de2639cfd469d98ed5218e7e9a33c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

552de2639cfd469d98ed5218e7e9a33c_JaffaCakes118
Size

552KB
MD5

552de2639cfd469d98ed5218e7e9a33c
SHA1

8531f927d45a144b3d160a119a21431864dce8f9
SHA256

211996fca66dbc849b422096474bbb088784d6ca3641c93b68cf906d5141fb30
SHA512

dbe98a6ecb68bc229b70cc28086cf70c3060a1439d83432eac6968fe7b0cddb0e3b639ba4783f4c43765a91371eb333e9695ccff9339c02385db44adeb973d5b
SSDEEP

12288:kDnHdawRAWFW1lfdkewSkKG1Leg6uT9rN8MOO560h:+nHdawO/lfQR1BB5j60h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
552de2639cfd469d98ed5218e7e9a33c_JaffaCakes118

Files

552de2639cfd469d98ed5218e7e9a33c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

593d77d3f65b4cb38e9e60aa7016f7a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\xofho\jnedqj\fhe\rtreyeeql\reeoqauusd.pdb

Imports

kernel32

CompareStringA
GetModuleFileNameA
GetAtomNameW
IsBadWritePtr
GetCurrentProcess
FreeEnvironmentStringsA
SetHandleCount
EnumSystemCodePagesW
GetProfileSectionA
SystemTimeToFileTime
InterlockedExchange
LoadModule
GetSystemDefaultLCID
EnumSystemLocalesA
GetEnvironmentStrings
GetDiskFreeSpaceA
LocalFlags
FlushFileBuffers
GetCurrentThread
GetCurrentProcessId
RemoveDirectoryA
GetCalendarInfoW
HeapSize
GetTickCount
ReadConsoleInputW
FindNextChangeNotification
VirtualAllocEx
FormatMessageA
SetFileAttributesA
WaitForMultipleObjects
WideCharToMultiByte
GetUserDefaultLCID
LCMapStringW
GetOEMCP
GetStringTypeA
GetTempPathA
GetVersionExA
DosDateTimeToFileTime
GetCurrentThreadId
TlsFree
InitializeCriticalSection
UnhandledExceptionFilter
VirtualFree
FindAtomA
GetStringTypeW
GetLocaleInfoW
EnumResourceLanguagesW
WriteFile
CompareStringW
GetEnvironmentStringsW
DeleteCriticalSection
IsValidCodePage
SetEnvironmentVariableA
GlobalAddAtomA
SetLastError
TlsAlloc
RtlUnwind
GetSystemInfo
FreeEnvironmentStringsW
MoveFileExA
SetStdHandle
LockFileEx
OpenProcess
GetFileType
CreateDirectoryExW
WriteProfileStringA
ReadFile
GetDiskFreeSpaceExW
GetThreadLocale
IsBadReadPtr
MultiByteToWideChar
QueryPerformanceCounter
VirtualQuery
GetCPInfo
GetStdHandle
TerminateProcess
SetFilePointer
GetSystemTimeAsFileTime
GlobalReAlloc
ReleaseSemaphore
LeaveCriticalSection
HeapReAlloc
GetProcAddress
LocalLock
GetStartupInfoA
FillConsoleOutputCharacterW
GetLocaleInfoA
HeapFree
WriteConsoleOutputW
CreateMutexA
SetLocalTime
HeapDestroy
VirtualProtect
GetModuleHandleA
OpenWaitableTimerA
TlsGetValue
GetACP
WriteConsoleOutputCharacterW
LCMapStringA
EnterCriticalSection
GetLastError
ExitProcess
GetCommandLineA
OpenMutexA
HeapValidate
LocalHandle
GlobalSize
CreateSemaphoreA
FreeLibrary
GetDateFormatA
DeleteFiber
VirtualProtectEx
RemoveDirectoryW
VirtualAlloc
GetCurrentDirectoryA
GetTimeFormatA
LoadLibraryA
LocalFree
CloseHandle
CreateWaitableTimerW
EnumResourceNamesA
VirtualQueryEx
InterlockedDecrement
DeleteFileA
EnumResourceNamesW
TlsSetValue
GetFullPathNameA
HeapCreate
GetTimeZoneInformation
IsValidLocale
HeapAlloc
SetConsoleScreenBufferSize

user32

GetProcessWindowStation
RegisterClassExA
CreateMDIWindowA
IsWindow
DefWindowProcA
ShowWindow
CharToOemA
SetShellWindow
GetCaretBlinkTime
EndDialog
IsDialogMessage
GetClassLongW
CreateWindowExW
GetWindowTextLengthW
GetQueueStatus
DestroyWindow
CopyIcon
MessageBoxA
ChildWindowFromPointEx
IsDialogMessageW
GetClipboardSequenceNumber
SetThreadDesktop
ImpersonateDdeClientWindow
CascadeChildWindows
GetWindowModuleFileNameW
MapVirtualKeyExW
GetDlgCtrlID
LookupIconIdFromDirectory
EndMenu
BroadcastSystemMessage
RegisterClassA
EnumThreadWindows
GetWindowRgn
SetMessageQueue
IsCharAlphaA
MonitorFromWindow
PostQuitMessage
GetClassLongA
SendNotifyMessageW
OemToCharA
PaintDesktop
CharToOemBuffA

comctl32

_TrackMouseEvent
CreateUpDownControl
ImageList_DragLeave
ImageList_GetFlags
ImageList_DrawIndirect
ImageList_AddMasked
CreateToolbarEx
ImageList_LoadImageA
CreateStatusWindow
DrawStatusTextA
ImageList_GetImageCount
CreateToolbar
DrawInsert
CreateMappedBitmap
DrawStatusText
InitCommonControlsEx
ImageList_GetDragImage
DestroyPropertySheetPage
ImageList_SetOverlayImage
ImageList_Destroy
InitMUILanguage
GetEffectiveClientRect
ImageList_Replace
ImageList_Add
ImageList_GetImageInfo

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

593d77d3f65b4cb38e9e60aa7016f7a3

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 112KB - Virtual size: 121KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 112KB - Virtual size: 121KB

.rsrc
Size: 24KB - Virtual size: 22KB