28a22ebb0f556c93e206ec56ce893dc7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28a22ebb0f556c93e206ec56ce893dc7_JaffaCakes118
Size

1.5MB
MD5

28a22ebb0f556c93e206ec56ce893dc7
SHA1

32ba6d1a063d3cf4d49b8bb60e8ec309649c3e28
SHA256

e4a4a458ebbbc5487b3dc3ecbd456d81336434a2750d0c854f33d39e887d3add
SHA512

2018913f00cf7a61aa3e514b1e9a157ac63c73ef1f64d441cbbaa290b41224247c67499961a09022b94c3c88be2c5aa07d44310153c6d8d710559fe0be668a24
SSDEEP

6144:uLUeuMpvqA1EoRKLQL7V1LE+S1xMhUlBg2y:uweXqAxRKLQLJ1PYM4B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28a22ebb0f556c93e206ec56ce893dc7_JaffaCakes118

Files

28a22ebb0f556c93e206ec56ce893dc7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96f340264594b82c71f440caf791e30c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\workspace\depot\Projects\KMC\StatusMonitor\KMPCT\Release\KMPCT.pdb

Imports

comctl32

ImageList_Draw
ImageList_Destroy
ImageList_LoadImageA
ord17
InitCommonControlsEx
PropertySheetA

kernel32

WriteFile
Sleep
CreateEventA
GetMailslotInfo
ReadFile
CreateFileW
CreateMailslotW
CreateThread
lstrcmpA
FindResourceA
FreeResource
LoadResource
SizeofResource
LockResource
OutputDebugStringA
SetEndOfFile
WriteConsoleW
FlushFileBuffers
IsProcessorFeaturePresent
CreateFileA
LCMapStringW
GetConsoleMode
GetConsoleCP
LoadLibraryW
HeapReAlloc
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
RtlUnwind
DeleteCriticalSection
SetHandleCount
SetFilePointer
GetFileType
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameW
GetStdHandle
SetEvent
WaitForSingleObject
MulDiv
GetLocaleInfoA
CloseHandle
GetLastError
MultiByteToWideChar
lstrlenA
CreateMutexW
GetModuleHandleA
ExitProcess
GetProcessHeap
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
HeapSize

user32

CreateDialogParamA
DestroyWindow
SetTimer
KillTimer
GetDesktopWindow
MessageBoxW
MoveWindow
FillRect
GetSysColor
LoadImageA
CheckRadioButton
IsWindowVisible
SetDlgItemTextA
SetWindowTextA
GetDlgItemInt
SendDlgItemMessageA
SetDlgItemInt
GetWindowTextA
GetDC
ReleaseDC
ScreenToClient
GetWindowRect
SetDlgItemTextW
GetParent
LoadIconA
SetWindowLongA
GetWindowLongA
ShowWindow
SendMessageW
CallWindowProcA
EndPaint
BeginPaint
InvalidateRect
CheckDlgButton
IsDlgButtonChecked
SetWindowTextW
SendMessageA
GetDlgItem
PostMessageA
EnableWindow

gdi32

BitBlt
DeleteDC
SelectObject
CreateCompatibleDC
GetObjectA
CreateSolidBrush
GetDeviceCaps
DeleteObject
CreateFontW

winspool.drv

EnumPrintersW

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96f340264594b82c71f440caf791e30c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB