7965e1d6f31bcd872e06d568a1c55226_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7965e1d6f31bcd872e06d568a1c55226_JaffaCakes118
Size

807KB
MD5

7965e1d6f31bcd872e06d568a1c55226
SHA1

c3ca5c6f29adf0457021f071dfd566433adeb4a0
SHA256

2fde5475ed586980b26fcddc86a29fc576fe8b0bf80ff3b26bdcfe4c7a23077a
SHA512

c20be234a20f01923008ca288c4b03e5de17ddaaf0b87f8a7991f2738cfebf502a3e6747f485ac6cd094e356fe1fdb03e0182b7fe39d963dde9ddbf7e33ab6e1
SSDEEP

12288:Ng1k7vHz6TTrzPxVoWvVY4jDWrwL2bzqS6Gh7jIVZ0GnL7Kf1muuk:qMcXzIyWsL2bzB6M7jiZ3nL7Kf8uh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7965e1d6f31bcd872e06d568a1c55226_JaffaCakes118

Files

7965e1d6f31bcd872e06d568a1c55226_JaffaCakes118
.exe windows:5 windows x86 arch:x86

94c02b83805963f4ba1690b5c5f27c3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\KbdEdit\LicensedBuilds\Tmp\1.3.3_premium_123_ivica.nikolic-gmail.com_1141\Build\Release_Win32\KbdEditLayoutInstaller32.pdb

Imports

kernel32

GlobalFindAtomW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetStartupInfoW
HeapFree
HeapAlloc
HeapReAlloc
Sleep
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
LoadLibraryA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
GetVersionExA
FileTimeToSystemTime
GlobalAddAtomW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CompareStringW
GlobalFlags
WritePrivateProfileStringW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleHandleA
GetCurrentProcessId
CreateFileW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrlenA
SetErrorMode
GetLastError
SetLastError
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
LoadLibraryExW
CompareStringA
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
LoadLibraryW
MultiByteToWideChar
GetProcAddress
GetCurrentProcess
GetTempPathW
GetSystemDirectoryW
FindClose
FindFirstFileW
GetTempFileNameW
GetModuleFileNameW
QueryPerformanceCounter
MoveFileW
GetLocaleInfoW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessW
GetModuleHandleW
GetCommandLineW
ExitProcess
FindResourceW
LoadResource
LockResource
GetTickCount
SizeofResource

user32

ShowWindow
RegisterWindowMessageW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
LoadCursorW
GetSysColorBrush
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
DestroyMenu
CopyRect
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetParent
GetWindowLongW
AdjustWindowRectEx
GetLastActivePopup
IsWindowEnabled
CharUpperW
GetSystemMetrics
GetMenuState
GetSubMenu
PostQuitMessage
GetMenuItemID
GetMenuItemCount
GetKeyboardLayoutNameW
BroadcastSystemMessageW
SystemParametersInfoW
GetKeyboardLayoutList
UnloadKeyboardLayout
LoadKeyboardLayoutW
GetKeyboardLayout
ActivateKeyboardLayout
DialogBoxParamW
GetDesktopWindow
EndDialog
PostMessageW
SendMessageW
EnableWindow
GetDlgItem
SetWindowTextW
SetClassLongW
LoadIconW
MessageBoxW
IsIconic

gdi32

CreateBitmap
ExtTextOutW
GetStockObject
DeleteDC
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
Escape

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteValueW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oleaut32

VariantInit
VariantClear
VariantChangeType

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94c02b83805963f4ba1690b5c5f27c3d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

version

Sections

.text Size: 314KB - Virtual size: 314KB

.rdata Size: 104KB - Virtual size: 104KB

.data Size: 368KB - Virtual size: 385KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 314KB - Virtual size: 314KB

.rdata
Size: 104KB - Virtual size: 104KB

.data
Size: 368KB - Virtual size: 385KB

.rsrc
Size: 18KB - Virtual size: 18KB