f29c9716a2850c54627bcc7c8c1e96b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f29c9716a2850c54627bcc7c8c1e96b2_JaffaCakes118
Size

560KB
MD5

f29c9716a2850c54627bcc7c8c1e96b2
SHA1

40da8c095e849c50755eab622b1e5f91ba6f812b
SHA256

dd0d51b8aad625f742ec5e6197e37803ba5ec319412de2ebf058779a518e1bdd
SHA512

68e4570799ac55aa41f5ad2730d2db37d9f254ad5a8b1b48a7a0a9c5f694de19bf9cbc7109eaf8b5a992d6e0b191490314d2898c3de8f3f3e02f824d6efaed67
SSDEEP

6144:+xFrV/z9Nolt1EhH6zYMsbiLxH6rDXwzjeMzxU3wMZab1zuj+SHEsaQ7B0Cq6L0H:uVrDgz5MwzdSVdt09p+Rv8Gej1dvU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f29c9716a2850c54627bcc7c8c1e96b2_JaffaCakes118

Files

f29c9716a2850c54627bcc7c8c1e96b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83f1d95fa5558d210136411327779f96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\fezlft

Imports

kernel32

GetFileAttributesA
TlsAlloc
GetLocalTime
ExitProcess
LCMapStringA
RemoveDirectoryW
GetSystemTimeAsFileTime
TerminateProcess
WritePrivateProfileStructW
QueryPerformanceCounter
GetModuleHandleA
GlobalHandle
GetVersion
GetCommandLineA
HeapReAlloc
EnumSystemLocalesA
GetCurrentThreadId
GetShortPathNameA
SetStdHandle
CreateMailslotW
GetCurrentThread
CompareStringW
GetStartupInfoA
HeapCreate
SetPriorityClass
GetLongPathNameW
MultiByteToWideChar
CreateMutexA
LoadLibraryA
DeleteCriticalSection
GetUserDefaultLCID
FreeResource
GetStdHandle
FindNextChangeNotification
OpenMutexA
WriteConsoleOutputW
CopyFileA
VirtualFree
GetEnvironmentStringsA
HeapFree
GetFileType
GetCurrentProcessId
CloseHandle
DeleteAtom
GetPrivateProfileStringW
SetLastError
InitializeCriticalSection
TlsGetValue
LocalCompact
lstrcpyn
lstrcmpiA
FreeEnvironmentStringsA
SetHandleCount
EnterCriticalSection
IsBadWritePtr
GetComputerNameA
ReadFile
InterlockedIncrement
HeapAlloc
SetLocaleInfoW
GetSystemDirectoryW
SetConsoleWindowInfo
GetDateFormatW
GetTickCount
SetConsoleOutputCP
GetWindowsDirectoryA
GetEnvironmentStringsW
GetProcAddress
LocalFileTimeToFileTime
GetACP
GetSystemTime
SetConsoleCursorInfo
GetOEMCP
GetModuleFileNameA
SetFilePointer
TlsFree
ConnectNamedPipe
CompareStringA
OpenSemaphoreW
WriteFile
VirtualQuery
WriteProfileSectionW
VirtualAlloc
InterlockedExchange
GetStringTypeW
SetConsoleScreenBufferSize
WriteProfileSectionA
lstrcpyA
LCMapStringW
SleepEx
GetEnvironmentStrings
SetSystemTime
FreeEnvironmentStringsW
FlushFileBuffers
GetCompressedFileSizeW
CreateSemaphoreA
TlsSetValue
UnhandledExceptionFilter
GetTimeZoneInformation
FoldStringW
GetLastError
SetEnvironmentVariableA
lstrcatW
RtlUnwind
GetStringTypeA
GetCurrentProcess
GlobalGetAtomNameA
WideCharToMultiByte
HeapDestroy
LeaveCriticalSection
GetLocaleInfoA
InterlockedDecrement
ResetEvent
WriteConsoleInputA
GetCPInfo

comctl32

CreateToolbarEx
ImageList_DragMove
DrawStatusText
InitCommonControlsEx
ImageList_Read
ImageList_GetImageInfo
ImageList_GetFlags
ImageList_Merge
ImageList_SetOverlayImage
ImageList_BeginDrag
ImageList_Destroy
ImageList_AddIcon
DrawInsert
ImageList_GetIcon
DestroyPropertySheetPage
CreateStatusWindowA
ImageList_SetBkColor
CreateToolbar
InitMUILanguage

advapi32

CryptExportKey

user32

DlgDirListComboBoxA
RegisterClassExA
SetWindowPlacement
CheckDlgButton
DdeUninitialize
CreateWindowExA
TileChildWindows
SendInput
GetClientRect
GetDlgItem
CreateDialogParamW
UnregisterClassW
IsCharLowerW
ToAsciiEx
MessageBoxW
KillTimer
GetDesktopWindow
IsWindowEnabled
ChildWindowFromPointEx
NotifyWinEvent
wsprintfW
DrawTextExA
InvertRect
UnregisterClassA
GetDoubleClickTime
SetWindowsHookExW
EnumDesktopWindows
GetNextDlgTabItem
SetDoubleClickTime
SetDeskWallpaper
LoadCursorFromFileW
InsertMenuItemW
GetMessageTime
DispatchMessageW
GetKBCodePage
GetClassNameW
WindowFromDC
ValidateRect
EmptyClipboard
EnumPropsExW
MessageBoxExA
GetTabbedTextExtentW
ChangeDisplaySettingsExA
MessageBeep
GetMenuState
LoadImageW
DrawStateW
GetWindowModuleFileNameA
GetKeyboardState
SendNotifyMessageW
GetMenuInfo
LoadMenuW
DestroyMenu
UnhookWinEvent
GetWindowTextLengthW
EnumDisplayDevicesA
IsWindow
GetListBoxInfo
GetUserObjectInformationW
CreateCaret
SetUserObjectSecurity
IsCharAlphaNumericW
RegisterClassA
MapVirtualKeyA
PostThreadMessageA
DdeAddData
TrackPopupMenu
DdeDisconnect
SetWindowLongA
DestroyCaret
UnhookWindowsHook
OffsetRect
LoadMenuA
CreateIcon
SwapMouseButton
FindWindowA
DragObject
GetKeyboardLayoutList
GetWindowWord
OpenInputDesktop
PostMessageW
SubtractRect
GetMonitorInfoA
LoadKeyboardLayoutA
CallMsgFilterA
CloseWindow
RegisterClassW
ClipCursor
SetWindowWord
GetPropW
InsertMenuA
ChangeClipboardChain
CreateDialogParamA
GetCursorInfo
RealGetWindowClass

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83f1d95fa5558d210136411327779f96

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

advapi32

user32

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 116KB - Virtual size: 129KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 116KB - Virtual size: 129KB

.rsrc
Size: 20KB - Virtual size: 16KB