e74f5244ce49ff734ed616c740c3c313_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e74f5244ce49ff734ed616c740c3c313_JaffaCakes118
Size

584KB
MD5

e74f5244ce49ff734ed616c740c3c313
SHA1

01d8447e04a3404a3c1777fb0b519e4aa8703b95
SHA256

62337839d13c55b5d94c207112f83d86e02460de0187051d0f6d252efe1a5274
SHA512

79d1c9fa5703f74b9094498061b34663a163ca9dc4f7a3e65c9e40d083cd19d568bcd7d804c9569945efdbdba5c5adb403fc08eb73ad9b300b3739a15dcac9dc
SSDEEP

6144:v2hGqV/OSzFr2M7QbXXKl9E2eeMcKHTiVhEatNkWdBqO6EySbXoT4CNVoDxh7rme:v2sqlO+EiQbKw9rHTShE4NktO6LdpCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e74f5244ce49ff734ed616c740c3c313_JaffaCakes118

Files

e74f5244ce49ff734ed616c740c3c313_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d52daa0778775c203e9479e3c9840df0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\pqjomop.pdb

Imports

kernel32

WideCharToMultiByte
LeaveCriticalSection
TlsAlloc
GetTimeZoneInformation
RtlUnwind
IsBadWritePtr
LCMapStringW
GetLocaleInfoA
RtlMoveMemory
GetCurrentThreadId
ReadConsoleInputW
IsValidCodePage
GetLocaleInfoW
TlsGetValue
GetStartupInfoA
GetFileAttributesExW
SetLastError
GetACP
GetUserDefaultLCID
QueryPerformanceCounter
ExitProcess
HeapDestroy
InitializeCriticalSection
GetStringTypeW
VirtualAlloc
GetFileType
GetStringTypeA
SetStdHandle
TlsSetValue
GetCurrentThread
SetFilePointer
GetStartupInfoW
GetSystemInfo
EnterCriticalSection
GetEnvironmentStrings
GetEnvironmentStringsW
TerminateProcess
HeapSize
FreeEnvironmentStringsA
GetOEMCP
IsValidLocale
GetDateFormatA
GetModuleHandleA
GetCommandLineW
GetCurrentProcessId
CloseHandle
GetModuleFileNameA
WaitForSingleObject
GetVersionExA
LoadLibraryA
OpenMutexA
InterlockedExchange
MultiByteToWideChar
EnumResourceTypesW
CreateMutexA
FreeEnvironmentStringsW
GetCommandLineA
SetEnvironmentVariableA
HeapCreate
GetCPInfo
TlsFree
HeapReAlloc
GetTimeFormatA
LCMapStringA
GetCalendarInfoW
GetCurrentProcess
VirtualProtect
DeleteCriticalSection
ReadFile
GetStdHandle
VirtualFree
GetNamedPipeHandleStateA
GetProcAddress
CompareStringW
GetLastError
EnumSystemLocalesA
CompareStringA
GetModuleFileNameW
WriteFile
GetTickCount
FlushFileBuffers
HeapAlloc
GetProcessHeap
UnhandledExceptionFilter
GetConsoleScreenBufferInfo
VirtualQuery
SetHandleCount
HeapFree
GetSystemTimeAsFileTime
WriteFileEx

comdlg32

ReplaceTextA

wininet

InternetGetCookieA
HttpAddRequestHeadersW
FtpGetFileA
InternetErrorDlg
ResumeSuspendedDownload
FtpPutFileEx

advapi32

InitializeSecurityDescriptor
CryptEncrypt
RegOpenKeyExW
CryptExportKey
RegLoadKeyA
CreateServiceA
CryptDuplicateHash
CryptEnumProviderTypesA
DuplicateTokenEx
CryptGetKeyParam
LookupPrivilegeNameW
RegCreateKeyExA
CryptAcquireContextA
CryptEnumProvidersA
RegSetValueExA
CryptDeriveKey
RegDeleteValueW
RegDeleteValueA

user32

ToUnicodeEx
DefDlgProcA
ShowWindow
SetThreadDesktop
EndDeferWindowPos
MessageBoxA
DefWindowProcW
GetWindowLongW
SetWindowLongA
FindWindowExW
GetSysColor
SendDlgItemMessageW
GetWindow
MonitorFromPoint
CreateWindowExW
SetScrollRange
RegisterClassA
RegisterClassExA
IsMenu
DestroyWindow
GetWindowWord
CreateDialogIndirectParamA
RegisterClipboardFormatA
GetTabbedTextExtentA
ScrollDC
SetMenuItemInfoA
SetUserObjectSecurity
DefDlgProcW
DefWindowProcA
GetClipboardOwner
SetDlgItemTextA
MessageBoxW
GrayStringA
LoadKeyboardLayoutA
ShowWindowAsync
GetGuiResources
SetMenu

comctl32

ImageList_SetIconSize
ImageList_GetBkColor
ImageList_Write
ImageList_DrawEx
DrawInsert
ImageList_LoadImageW
ImageList_SetOverlayImage
InitCommonControlsEx

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d52daa0778775c203e9479e3c9840df0

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

wininet

advapi32

user32

comctl32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 112KB - Virtual size: 131KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 112KB - Virtual size: 131KB

.rsrc
Size: 56KB - Virtual size: 52KB