fb5e9f9f5ff1ccb40855bea78030cfcd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb5e9f9f5ff1ccb40855bea78030cfcd_JaffaCakes118
Size

384KB
MD5

fb5e9f9f5ff1ccb40855bea78030cfcd
SHA1

cf1d83a8c1379b8fb815d23645139cb260ca7484
SHA256

7ab3efdd84488dfd5f8f29fdbba70a8fbb625b3f334489b7d185ee32a08c2323
SHA512

8fc2522e585b6a9abf473fbdda4acf9ff5dc4458043064181aa45780b4c4a7acfeec6f7e49204b59cd83672ce703cd11cc248a0ec9c61bc5e96ebde29b2aea8b
SSDEEP

6144:3Afa6MnArB5Qtpwm1Cwo7cVCEpZn6jyaA7dN/pNEgL+sykSi9puZ6F:3Afa6MnaeF27cVCEpZn6ALgi9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb5e9f9f5ff1ccb40855bea78030cfcd_JaffaCakes118

Files

fb5e9f9f5ff1ccb40855bea78030cfcd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

743ca803c30afc5ce36f06b1c7031e67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\cwpamo\pibg\aen\qhop.PDB

Imports

shell32

SHBrowseForFolderW
SHLoadInProc
SheSetCurDrive
CommandLineToArgvW
SHChangeNotify

comdlg32

ChooseFontW
GetSaveFileNameW
GetOpenFileNameA

gdi32

CreateICW
SetDIBitsToDevice
CreateDCA
GetTextCharacterExtra
SelectObject
GetWindowExtEx
GetDeviceCaps
GetObjectW
DeleteDC
CreateEnhMetaFileA
PolyBezierTo
Ellipse
GetViewportExtEx
CreateDIBitmap

comctl32

ImageList_LoadImageW
ImageList_AddMasked
DrawStatusTextW
CreateStatusWindow
ImageList_DrawEx
ImageList_SetDragCursorImage
ImageList_GetBkColor
ImageList_Duplicate
CreateToolbarEx
ImageList_Replace
ImageList_BeginDrag
CreatePropertySheetPageA
ImageList_Create
InitCommonControlsEx

kernel32

GetSystemTime
WritePrivateProfileStructA
GetCurrentThread
DebugActiveProcess
GetModuleFileNameW
TerminateProcess
SetTimeZoneInformation
EnterCriticalSection
LCMapStringW
GetCPInfo
HeapFree
LCMapStringA
GetProcAddress
GetSystemTimeAsFileTime
TlsAlloc
GetLocalTime
lstrcpyn
CreateToolhelp32Snapshot
GetCommandLineA
CompareStringA
GetVersion
OpenMutexA
ExitProcess
GetSystemTimeAdjustment
WriteFile
HeapDestroy
LoadLibraryA
CommConfigDialogW
VirtualFreeEx
InterlockedIncrement
GlobalFindAtomW
ResetEvent
SetLastError
lstrcat
CreateFileA
lstrcpynA
CreateEventA
ReadFile
FreeEnvironmentStringsW
CompareStringW
RtlFillMemory
TlsFree
FindFirstFileExW
VirtualQuery
DeleteCriticalSection
SetHandleCount
GetEnvironmentStrings
HeapValidate
VirtualFree
GetStartupInfoW
WideCharToMultiByte
TransactNamedPipe
InterlockedExchange
CreateMutexA
RtlUnwind
EnumResourceTypesA
FreeEnvironmentStringsA
GlobalAddAtomA
InitializeCriticalSection
HeapAlloc
GetModuleFileNameA
GlobalFindAtomA
GetModuleHandleA
TerminateThread
GetFileType
VirtualAlloc
AddAtomA
SetFilePointer
GetCurrentThreadId
TlsGetValue
GetLastError
GetEnvironmentStringsW
IsBadWritePtr
SetEvent
QueryPerformanceCounter
UnhandledExceptionFilter
FlushFileBuffers
CloseHandle
ReadConsoleA
GetStringTypeA
GetCommandLineW
LeaveCriticalSection
GetStartupInfoA
HeapReAlloc
TlsSetValue
ReadConsoleOutputCharacterW
MultiByteToWideChar
SetStdHandle
HeapCreate
GetCurrentProcessId
GetTickCount
GetPrivateProfileSectionNamesA
GetStringTypeW
DosDateTimeToFileTime
InterlockedDecrement
SetEnvironmentVariableA
GetStdHandle
GetTimeZoneInformation
GetCurrentProcess

wininet

InternetGetConnectedStateExW
InternetSetFilePointer
InternetSetCookieW
FtpRenameFileW
InternetConfirmZoneCrossing
IsUrlCacheEntryExpiredW
InternetCrackUrlW

user32

MapWindowPoints
GetWindowLongA
RegisterClassExA
CharLowerW
SetForegroundWindow
DdeCreateStringHandleA
ChangeMenuW
ChangeClipboardChain
SetSystemCursor
SendDlgItemMessageW
CreateWindowExW
CharUpperBuffA
GetUserObjectInformationW
UnhookWindowsHook
GetMenuItemInfoW
SetCaretPos
DrawFocusRect
ToAsciiEx
CharUpperBuffW
MoveWindow
CheckRadioButton
MonitorFromWindow
CharPrevExA
LoadAcceleratorsW
SetRect
DragDetect
TileChildWindows
FillRect
PtInRect
LoadCursorA
MenuItemFromPoint
ToUnicodeEx
EnumWindows
CascadeWindows
SetMessageQueue
GetKeyNameTextW
GetMenu
SetActiveWindow
DdeDisconnectList
LoadCursorFromFileA
CreateDesktopW
DdeAccessData
GetOpenClipboardWindow
MessageBeep
SetTimer
SetDlgItemTextW
GetClassInfoW
GetMenuStringA
UnregisterDeviceNotification
DrawTextExA
AdjustWindowRectEx
wvsprintfW
DefWindowProcA
GetWindowModuleFileNameA
LoadImageW
ModifyMenuW
SubtractRect
ShowWindow
DdeUnaccessData
SetCapture
SendIMEMessageExW
CharToOemA
PostThreadMessageW
GetDesktopWindow
CharUpperW
DestroyWindow
DlgDirSelectComboBoxExW
MessageBoxA
SetWindowWord
GetDlgItemInt
InSendMessage
ChangeMenuA
DdeGetLastError
SetWindowLongW
RegisterHotKey
GetMenuCheckMarkDimensions
DlgDirSelectComboBoxExA
GetClassNameA
GetWindowTextLengthA
RegisterClassA
SetWindowLongA
CharLowerBuffW
DdeCreateStringHandleW
DdeInitializeA
OpenDesktopW
GetWindowDC
OpenInputDesktop
MonitorFromPoint
PostThreadMessageA
PeekMessageA
GetClipboardFormatNameW
EndDialog
AttachThreadInput
FindWindowA
ValidateRect
EnumDisplaySettingsExW
GetClipboardOwner
LockWindowUpdate
AnyPopup
GetSysColorBrush

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

743ca803c30afc5ce36f06b1c7031e67

Headers

File Characteristics

PDB Paths

Imports

shell32

comdlg32

gdi32

comctl32

kernel32

wininet

user32

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 136KB - Virtual size: 133KB

.data Size: 100KB - Virtual size: 111KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 136KB - Virtual size: 133KB

.data
Size: 100KB - Virtual size: 111KB

.rsrc
Size: 24KB - Virtual size: 23KB