0075e7c58010dd619485c5e3cfa214c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0075e7c58010dd619485c5e3cfa214c8_JaffaCakes118
Size

296KB
MD5

0075e7c58010dd619485c5e3cfa214c8
SHA1

4804d6d831888d08b507debb15caf632194a9537
SHA256

05665699dc67b955f14f1bcba1fc00e2c8211cf9beafb265e30efeddbb428f76
SHA512

357ae9752cae2ada706b8bbb5b1d620967b4997f10a2f396d318f89d17b38c57547cec60661d078eac4ce3c946211a69313a92aa0eb9f3d60c62857380e7b306
SSDEEP

6144:MB+0yVfPpEWuYc16m6J7dFgaukxdIm5wgxxQcmQt1Uz:MBwPBuYcwF7f1ukEqwzcmQnUz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0075e7c58010dd619485c5e3cfa214c8_JaffaCakes118

Files

0075e7c58010dd619485c5e3cfa214c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

390d65a93011be5e61ae99577adab84a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\mtkgetgp\sbztlv\zqiopewfe\fqjooazaqe\oect\oaemgpikra.pdb

Imports

user32

DlgDirSelectExW
DialogBoxParamW
LoadKeyboardLayoutW
CharPrevExA
ScreenToClient
CopyImage
CreateAcceleratorTableW
GetShellWindow
ChangeDisplaySettingsW
CloseClipboard
LoadMenuA
GetWindowTextW
SetWindowsHookW
EnumPropsExW
SetScrollPos
ChangeDisplaySettingsExA
MenuItemFromPoint
GetWindowDC
ShowWindow
ModifyMenuW
RemovePropA
ScrollDC
KillTimer
GetDlgItemTextA
SetPropW
EnableMenuItem
RemovePropW
TranslateAccelerator
DefFrameProcW
DefMDIChildProcA
LoadStringW
GetDlgItemTextW
DdeDisconnectList
GetMenuBarInfo
CreateWindowExA
RegisterClassA
DefDlgProcW
DestroyWindow
LoadBitmapA
InsertMenuItemW
DeleteMenu
CheckRadioButton
CascadeWindows
InternalGetWindowText
SetScrollRange
RegisterClassExA
UnhookWinEvent
DdeSetUserHandle
WindowFromPoint
CountClipboardFormats
OpenDesktopA
CallMsgFilterW
ChangeMenuW
MessageBoxW
DefWindowProcA
SetWindowTextW
OemToCharW
CharUpperA
DdeQueryConvInfo
DdeInitializeA
ChangeDisplaySettingsExW
DdePostAdvise
InflateRect
EnumWindowStationsA
CreateWindowExW

comctl32

ImageList_BeginDrag
ImageList_GetImageCount
InitCommonControlsEx

kernel32

GetCPInfo
ExitProcess
GetProcAddress
CompareStringA
HeapFree
OpenMutexA
CreateProcessW
GetCurrentProcessId
TlsAlloc
GetFileType
GetPrivateProfileStringA
lstrcpynW
GetVersion
GetLocalTime
GetCommandLineW
RtlUnwind
GlobalReAlloc
GetLastError
LoadLibraryA
InitializeCriticalSection
SetFilePointer
FileTimeToLocalFileTime
FormatMessageW
VirtualQuery
InterlockedIncrement
GetUserDefaultLangID
GetCommandLineA
GetEnvironmentStrings
VirtualAlloc
HeapDestroy
DeleteCriticalSection
SetLastError
GetTickCount
LCMapStringA
SetConsoleCP
TerminateProcess
GetModuleFileNameA
GetCurrentThreadId
GetStartupInfoA
WideCharToMultiByte
EnumResourceLanguagesW
GlobalAddAtomW
InterlockedDecrement
SetHandleCount
GetStringTypeW
GetModuleFileNameW
LCMapStringW
CreateMutexA
GetCurrentProcess
SetThreadAffinityMask
LeaveCriticalSection
FormatMessageA
InterlockedExchange
GetSystemTime
SetThreadIdealProcessor
ReadFile
GetCompressedFileSizeW
GetStringTypeA
GetStartupInfoW
MultiByteToWideChar
GetSystemTimeAsFileTime
SetEnvironmentVariableA
lstrcpyW
HeapReAlloc
CompareStringW
GetStdHandle
GetModuleHandleA
FreeEnvironmentStringsA
ReadConsoleOutputCharacterW
QueryPerformanceCounter
GetEnvironmentStringsW
TlsSetValue
TlsFree
FlushFileBuffers
HeapCreate
VirtualFree
DeleteAtom
HeapAlloc
WriteFile
SetCurrentDirectoryW
IsBadWritePtr
WritePrivateProfileSectionW
GlobalDeleteAtom
FreeEnvironmentStringsW
TlsGetValue
EnterCriticalSection
UnhandledExceptionFilter
GetTimeZoneInformation
LockResource
GetCurrentThread
SetStdHandle
CloseHandle
TransactNamedPipe
MoveFileA

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

390d65a93011be5e61ae99577adab84a

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 96KB - Virtual size: 123KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 96KB - Virtual size: 123KB

.rsrc
Size: 20KB - Virtual size: 17KB