d4552cebfb41cad2c1e21083a8132d4f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d4552cebfb41cad2c1e21083a8132d4f_JaffaCakes118
Size

229KB
MD5

d4552cebfb41cad2c1e21083a8132d4f
SHA1

bc4fe05e16b98642b63fdbf4db1d75ef41ae21ba
SHA256

1537ef1c2effb5b7226991ca14125d8dd92c4cac18499ad2bd4b8de15dcdb5ea
SHA512

7112f91688e485f00537f862e4f1d21530d3bee2527568ba1ac00c1801370b6a027bad420908bd04d014b8d404d7af794a49dc6b576d26221e484a9153bd621e
SSDEEP

3072:3Vgb9ycUIladEuVsDU8tNhzb2tJQjSgPKjrK69Ed:ub9ycUIQ3U1qJMSgiaUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4552cebfb41cad2c1e21083a8132d4f_JaffaCakes118

Files

d4552cebfb41cad2c1e21083a8132d4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c86687f3d687c82ee92b3a6e4a0bbff5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

s:\ytb\toolbar\yt-mail\ytie\ytbbroker\release\ytbb.pdb

Imports

kernel32

WriteFile
SetFilePointer
ReadFile
GetFileSize
CreateFileA
DeleteFileA
FindClose
FindNextFileA
FindFirstFileA
WaitForSingleObject
DeleteCriticalSection
Sleep
CreateThread
CreateEventA
GetCommandLineA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
InitializeCriticalSection
lstrlenA
lstrcmpiA
IsDBCSLeadByte
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
CloseHandle
LoadResource
FindResourceA
GetModuleHandleA
GetCurrentThreadId
SetEvent
LocalFree
ReleaseMutex
LocalAlloc
GetCurrentProcess
CreateDirectoryA
LockResource
FindResourceExA
CreateMutexA
WaitForMultipleObjects
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
LoadLibraryA
GetProcAddress
RaiseException
InterlockedDecrement
GetVersionExA
LoadLibraryExA
GetLastError
FreeLibrary
SizeofResource
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStdHandle
SetStdHandle
ExitProcess
HeapSize
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetConsoleMode
GetConsoleCP
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetFileAttributesA
GetProcessHeap
GetStartupInfoA
GetCPInfo
GetOEMCP
IsValidCodePage
TlsGetValue

user32

PeekMessageA
MsgWaitForMultipleObjects
PostThreadMessageA
GetMessageA
DispatchMessageA
TranslateMessage
CharNextA
UnregisterClassA
CharUpperA

advapi32

RegQueryValueExA
GetSecurityDescriptorLength
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoInitialize

oleaut32

SysStringLen
SysStringByteLen
SysFreeString
VarUI4FromStr
VarBstrCat
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysAllocStringByteLen

shlwapi

SHDeleteKeyA

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c86687f3d687c82ee92b3a6e4a0bbff5

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 8KB - Virtual size: 5KB

.brdata Size: 76KB - Virtual size: 76KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 8KB - Virtual size: 5KB

.brdata
Size: 76KB - Virtual size: 76KB