f32927350b8217724521d9cb1ab3562d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f32927350b8217724521d9cb1ab3562d_JaffaCakes118
Size

531KB
MD5

f32927350b8217724521d9cb1ab3562d
SHA1

0f16f7dd1b7d70e402f2a350a2ebef19bfc17d63
SHA256

fbe57ea40a49467d15be00f811ecad05c591872e06afbea9c476c05688a40b16
SHA512

fd3fdda1d8de49a92bd269aa29f3242d7579bab1a20c8eaa7e0e5b9adf77f10a14f13d17d92c0a25c3fbf996829412e0d1cb5abc516de2d028bd21a0213bfdfd
SSDEEP

12288:5XmBvBq/pnos2EoHHPvGe6MjWQ8OPf/RB5EW4Q8kHiusvVjr8dzKo1Fl:5WdBq/poCBekO3/fdL8kHtEU31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f32927350b8217724521d9cb1ab3562d_JaffaCakes118

Files

f32927350b8217724521d9cb1ab3562d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95c86008bbf463c68c5d6eb116169222

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\xteumzxfbo.pdb

Imports

comdlg32

ReplaceTextW
ChooseFontW
GetFileTitleW
LoadAlterBitmap

kernel32

DeleteCriticalSection
TerminateProcess
GetConsoleCP
HeapSize
GetUserDefaultLCID
SetConsoleMode
GetCPInfo
CreateMutexA
SetEvent
InterlockedIncrement
WriteConsoleA
RtlFillMemory
SetEnvironmentVariableA
CompareStringW
GetConsoleOutputCP
GetOEMCP
SetUnhandledExceptionFilter
FreeLibrary
LockResource
TlsFree
HeapDestroy
GetEnvironmentStrings
InterlockedDecrement
GetTickCount
GetProcessHeap
FlushFileBuffers
EnumSystemLocalesW
SetStdHandle
GetStdHandle
WaitCommEvent
GetTimeZoneInformation
WriteConsoleW
CompareStringA
GetDateFormatA
HeapAlloc
GetProcAddress
OpenMutexA
VirtualQuery
GetFileType
EnumSystemLocalesA
MultiByteToWideChar
SetFilePointer
SetConsoleCtrlHandler
MoveFileExW
ExpandEnvironmentStringsW
LCMapStringA
Sleep
ExitProcess
GetLastError
GetStartupInfoW
FreeEnvironmentStringsW
GetVersionExA
LeaveCriticalSection
WriteFile
GetCommandLineA
GetPrivateProfileStructW
GetLocaleInfoW
EnumResourceLanguagesA
EnterCriticalSection
GetEnvironmentStringsW
GetTimeFormatA
CompareFileTime
VirtualAlloc
FindResourceW
FreeEnvironmentStringsA
QueryPerformanceCounter
InitializeCriticalSection
VirtualFree
IsDebuggerPresent
RtlUnwind
CloseHandle
SetHandleCount
GetModuleHandleA
FreeLibraryAndExitThread
CopyFileExA
GetCommandLineW
TlsSetValue
IsValidLocale
GetStartupInfoA
HeapCreate
GetSystemTimeAsFileTime
GetModuleFileNameA
GetACP
SetLastError
CreateFileA
GetCurrentProcess
IsValidCodePage
OpenProcess
GetCurrentProcessId
GetLocaleInfoA
TlsAlloc
UnhandledExceptionFilter
HeapReAlloc
GetConsoleMode
DuplicateHandle
GetStringTypeA
GetModuleFileNameW
GetStringTypeW
GetCurrentThreadId
GetNamedPipeInfo
TlsGetValue
HeapFree
InterlockedExchange
ReadFile
GetCurrentThread
LoadLibraryA
WideCharToMultiByte
LCMapStringW
CreateDirectoryA

shell32

ShellHookProc
SHGetDataFromIDListA
SHBrowseForFolderA
DragQueryFileAorW
FreeIconList

advapi32

InitializeSecurityDescriptor
StartServiceW
LookupAccountSidA
CryptReleaseContext
CryptSetProviderA
LogonUserW
RegQueryValueExW
RegQueryValueA
CryptSetProviderExA

user32

RegisterClassExA
DrawAnimatedRects
OemToCharA
MapVirtualKeyW
GetMenuBarInfo
MessageBoxIndirectW
WaitForInputIdle
CopyImage
CheckMenuItem
DefFrameProcA
SetWindowLongA
SetMenuContextHelpId
PostMessageA
GetPropW
DrawStateA
RegisterClassA
SetScrollPos
CreateIconFromResource
SendMessageW
WinHelpW
DrawCaption
BringWindowToTop
SetWindowsHookA
SendMessageTimeoutA
PeekMessageW
CharLowerBuffW
MessageBoxExW

comctl32

InitCommonControlsEx

gdi32

SetWindowExtEx
GetWorldTransform
DeleteEnhMetaFile
CreateHatchBrush
UpdateICMRegKeyW
SetDIBColorTable
ExtFloodFill
CloseEnhMetaFile
CreateEllipticRgn
EnumICMProfilesA

Sections

.text
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95c86008bbf463c68c5d6eb116169222

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

shell32

advapi32

user32

comctl32

gdi32

Sections

.text Size: 371KB - Virtual size: 371KB

.rdata Size: 30KB - Virtual size: 39KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 371KB - Virtual size: 371KB

.rdata
Size: 30KB - Virtual size: 39KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 19KB - Virtual size: 19KB