f946e4fb8a6dca0bc44d9f88f2d32088_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f946e4fb8a6dca0bc44d9f88f2d32088_JaffaCakes118
Size

624KB
MD5

f946e4fb8a6dca0bc44d9f88f2d32088
SHA1

bc2aee3534d56471e72a4229c54f440baed82e72
SHA256

fef5f4f3fac92236db9e435558fcb342ef2c77a561854d5f3f9e64ec5b549837
SHA512

64a2488eda39e067f6f5a86f21b0cb72fae6ca464c249e235e51fe818049ab3576eacb2141adf7b4a1c470bac6ad9f67fde29c79fda7e6689ceea6b5acbba17f
SSDEEP

12288:l8jhDhNGnjVJEb1mPuczItYXHBA8q01UwGsU1Ti:lYhDhNk/PHzIyXa/+Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f946e4fb8a6dca0bc44d9f88f2d32088_JaffaCakes118

Files

f946e4fb8a6dca0bc44d9f88f2d32088_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3ac2ba91531be9a588a3565b467aeb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\dqon\etaoker\viilo\mecul

Imports

comdlg32

PageSetupDlgW

kernel32

CompareStringA
SetHandleCount
HeapAlloc
HeapDestroy
GetThreadTimes
lstrcpyW
LoadResource
GetTimeZoneInformation
EnumDateFormatsW
LocalFlags
SetLastError
GetLastError
GetNamedPipeHandleStateA
IsValidLocale
GetDiskFreeSpaceExW
FormatMessageA
SetCurrentDirectoryA
CompareStringW
GetSystemTimeAsFileTime
IsBadWritePtr
OutputDebugStringW
FlushFileBuffers
FreeEnvironmentStringsA
GetCompressedFileSizeA
ExitThread
OpenSemaphoreW
GetPrivateProfileStringW
FindResourceA
SetEnvironmentVariableA
GetFileType
GetUserDefaultLangID
GetOEMCP
RtlFillMemory
ContinueDebugEvent
DeleteCriticalSection
HeapFree
GetCommandLineA
QueryPerformanceCounter
GetTimeFormatA
VirtualFree
GetLocaleInfoW
GetProcessShutdownParameters
GetEnvironmentStrings
OpenEventW
ReadConsoleW
SetUnhandledExceptionFilter
FindFirstFileW
WriteConsoleW
GetTempFileNameA
CreateFileW
SetStdHandle
GetModuleHandleA
LoadLibraryExW
TlsFree
ExitProcess
SetLocaleInfoA
GetVersionExA
CopyFileExA
LoadLibraryA
GlobalFindAtomW
SetFileTime
GetProcAddress
GetUserDefaultLCID
HeapCreate
GetVolumeInformationA
AddAtomA
GetTempFileNameW
GetTickCount
GetModuleFileNameA
MoveFileA
WideCharToMultiByte
GetCPInfo
WriteConsoleInputA
VirtualProtect
VirtualQuery
GetStringTypeA
FormatMessageW
CreateMutexA
SetFilePointer
LeaveCriticalSection
GetProcessAffinityMask
FreeEnvironmentStringsW
EnterCriticalSection
SetConsoleTitleA
MultiByteToWideChar
InitializeCriticalSection
ReadConsoleOutputW
LocalHandle
GetCurrentProcessId
WaitForMultipleObjects
SetConsoleTitleW
GetCalendarInfoA
GetLocalTime
RtlUnwind
GetSystemInfo
InterlockedIncrement
lstrcat
lstrcmpiW
GetCurrentProcess
GetConsoleTitleA
GetCompressedFileSizeW
GetConsoleMode
GetStringTypeW
LCMapStringW
GetCurrentThreadId
ReadFile
SetThreadIdealProcessor
GetLocaleInfoA
GetEnvironmentStringsW
Sleep
TlsGetValue
GetFullPathNameA
UnhandledExceptionFilter
GetThreadPriority
InterlockedExchange
FoldStringA
GetCurrentThread
GetStartupInfoA
EnumSystemLocalesA
HeapSize
LCMapStringA
HeapReAlloc
UnmapViewOfFile
EnumResourceNamesW
GetStdHandle
GetACP
VirtualAlloc
lstrcatW
CloseHandle
DebugBreak
TerminateProcess
GetDateFormatA
OpenMutexA
TlsAlloc
GlobalAlloc
IsValidCodePage
ReleaseMutex
WriteFile
TlsSetValue

user32

GetWindowRgn
EqualRect
DefWindowProcA
RedrawWindow
GetClassNameW
GetClassLongW
GetClassNameA
GetIconInfo
LoadCursorFromFileW
SetMenuItemBitmaps
CascadeChildWindows
EnumClipboardFormats
PtInRect
GetComboBoxInfo
ShowWindow
RegisterClassExA
DlgDirListA
CharUpperW
MoveWindow
PeekMessageW
GetMessageTime
ReplyMessage
MessageBoxIndirectW
GetDlgItemInt
GetListBoxInfo
ChildWindowFromPointEx
GetFocus
CloseClipboard
SetThreadDesktop
CreateWindowExA
GetCursorInfo
TrackPopupMenuEx
RegisterClassA
SendNotifyMessageA
CharPrevW
ScrollDC
BeginDeferWindowPos
ShowCursor
ActivateKeyboardLayout
EnumPropsExA
DestroyWindow
OpenDesktopW
MessageBoxW
SystemParametersInfoA

advapi32

RegConnectRegistryW
RegDeleteKeyW
InitiateSystemShutdownW
CryptSetProviderA

wininet

InternetCanonicalizeUrlW
FindFirstUrlCacheEntryW
InternetSetDialStateA
InternetWriteFileExA

comctl32

ImageList_SetFlags
ImageList_GetIconSize
InitCommonControlsEx
ImageList_Add
ImageList_SetIconSize
ImageList_SetOverlayImage
ImageList_GetFlags
DrawInsert
ImageList_Merge
CreatePropertySheetPage
ImageList_LoadImageA
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_EndDrag
DrawStatusTextA
ImageList_Duplicate
ImageList_LoadImage
CreateStatusWindow
ImageList_SetImageCount
CreateStatusWindowW
ImageList_GetImageCount

shell32

SHEmptyRecycleBinA
DragQueryFile
SHFileOperationW
SHGetSettings
DragQueryFileW

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3ac2ba91531be9a588a3565b467aeb2

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

user32

advapi32

wininet

comctl32

shell32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 244KB - Virtual size: 241KB

.data Size: 120KB - Virtual size: 145KB

.rsrc Size: 92KB - Virtual size: 90KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 244KB - Virtual size: 241KB

.data
Size: 120KB - Virtual size: 145KB

.rsrc
Size: 92KB - Virtual size: 90KB