f4e0ef91ab2e61e93089a53a757cff2d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4e0ef91ab2e61e93089a53a757cff2d_JaffaCakes118
Size

348KB
MD5

f4e0ef91ab2e61e93089a53a757cff2d
SHA1

be8de1577480d7b3b059a83ff4028570f309d84d
SHA256

3468f34dd9836a026adb4466d36b1033bed0526d218071374079bdc6b1d6a269
SHA512

de7b1061e7584da2fbc3e891db1f3e453e8715c0e0e9704292275f8186548820aa797d631b68441c625839719ac0a313ff66c7a2d17fd48889264911c5230057
SSDEEP

6144:6JVD7Hdy5/AZ61WBlyVjg1SNWHrf4ut6YeiE2FJfTRMCXtq:6PDSAKWujylrF8iEsfx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4e0ef91ab2e61e93089a53a757cff2d_JaffaCakes118

Files

f4e0ef91ab2e61e93089a53a757cff2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5705b212728a2b9d8a4bfc2d01effbc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\nvwepkwdse\eekbw\pmwe.pdb

Imports

gdi32

Polygon
GetClipBox
CopyEnhMetaFileW
ColorCorrectPalette
CreateHalftonePalette
RoundRect
GetCharWidthA
OffsetClipRgn
UnrealizeObject
OffsetWindowOrgEx
GetLayout
SelectClipPath
BeginPath
SetLayout
GetTextCharacterExtra
CloseMetaFile
SetMetaRgn
GetOutlineTextMetricsA
EqualRgn
EnumFontFamiliesExA

comctl32

ImageList_DrawIndirect
ImageList_SetFilter
ImageList_Add
ImageList_GetIcon
CreateStatusWindowA
_TrackMouseEvent
ImageList_DragMove
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_GetFlags
ImageList_Create
DrawStatusTextW
ImageList_Replace
ImageList_SetFlags
DrawStatusText
ImageList_DrawEx
ImageList_SetDragCursorImage
DrawStatusTextA
ImageList_GetImageRect
InitCommonControlsEx

advapi32

LookupAccountSidA
CryptSetProviderExW
RegSetValueA
RegEnumKeyW
CryptHashData
AbortSystemShutdownA
RegEnumKeyExW
CryptSetProvParam
CryptEnumProvidersA
RegEnumValueW
RegQueryValueW
RegEnumKeyA
RegQueryValueExA

comdlg32

ReplaceTextA
ChooseColorA
FindTextW

kernel32

GetCommandLineA
ReadFile
CloseHandle
ExitProcess
GetNumberFormatW
InterlockedExchange
GetACP
InterlockedIncrement
HeapAlloc
GetOEMCP
LCMapStringA
LeaveCriticalSection
WideCharToMultiByte
InterlockedDecrement
FlushFileBuffers
GetSystemTimeAsFileTime
SetFilePointer
CompareStringA
CompareStringW
HeapReAlloc
GetVersion
SetStdHandle
GetTimeZoneInformation
HeapCreate
VirtualAlloc
HeapDestroy
GetModuleFileNameA
TlsGetValue
OpenMutexA
FreeEnvironmentStringsW
GetCurrentProcess
GetProcAddress
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetLastError
GetCPInfo
GetStringTypeA
WriteFile
SetHandleCount
GetStartupInfoA
GetCurrentThread
GetLocalTime
GetSystemTime
CreateMutexA
GetStdHandle
EnterCriticalSection
VirtualQuery
GetEnvironmentStringsW
VirtualFree
SetEnvironmentVariableA
RtlUnwind
QueryPerformanceCounter
SetLastError
IsBadWritePtr
GetStringTypeW
LoadLibraryA
GetModuleHandleA
GetTickCount
TlsAlloc
TerminateProcess
TlsSetValue
InitializeCriticalSection
MultiByteToWideChar
TlsFree
HeapFree
GetFileType
LCMapStringW
GetCurrentThreadId
GetCurrentProcessId
GetEnvironmentStrings
DeleteCriticalSection

user32

DefWindowProcA
GetMenuState
DestroyWindow
GetMenuStringA
SetThreadDesktop
RegisterClassA
GetIconInfo
TranslateAcceleratorA
RegisterClassExA
UpdateWindow
SetForegroundWindow
SetClassWord
LoadAcceleratorsW
DefDlgProcA
UnhookWindowsHook
ChildWindowFromPointEx
DrawFocusRect
LoadMenuA
UnhookWinEvent
ShowWindow
CreateWindowExW
MapVirtualKeyW
MessageBoxA
SendInput
ModifyMenuW
SetClassLongA
CheckDlgButton
KillTimer
ClientToScreen
AppendMenuW
CountClipboardFormats
BroadcastSystemMessageW
OpenWindowStationW
GetSystemMetrics
LoadKeyboardLayoutA
GetProcessWindowStation
SetMenuItemInfoA
GetClassInfoExA

shell32

SHGetFileInfo
ShellExecuteW
DuplicateIcon

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5705b212728a2b9d8a4bfc2d01effbc7

Headers

File Characteristics

PDB Paths

Imports

gdi32

comctl32

advapi32

comdlg32

kernel32

user32

shell32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 72KB - Virtual size: 68KB

.data Size: 92KB - Virtual size: 94KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 72KB - Virtual size: 68KB

.data
Size: 92KB - Virtual size: 94KB

.rsrc
Size: 48KB - Virtual size: 44KB