015144b4f01a7122cb3d6c08037f4e61_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

015144b4f01a7122cb3d6c08037f4e61_JaffaCakes118
Size

608KB
MD5

015144b4f01a7122cb3d6c08037f4e61
SHA1

0deb78f8043fab6eb7b492a097279b07ef5f3a4c
SHA256

47f04b80617c5686079e84a7b1471c6081f2031666eb2826cdb6742264fd9d3d
SHA512

384bb04226bccd0ac46d184eabc79e42850e973c8c6eb594792ad73f0adcacb4deb503feaacc363e1ffdc631ee8be22a7edda61fba3d08e6a671d378b5c973aa
SSDEEP

12288:yoBaAfKHyqh8KLyr27BS960hYX3ZYURUC7H6OwxiIrG5H:wAfKSqawyr8o9TSYURtHUQIr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
015144b4f01a7122cb3d6c08037f4e61_JaffaCakes118

Files

015144b4f01a7122cb3d6c08037f4e61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6add2ccf817a980b6ed25efbb251fdb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\uvuzpjwlu\ogpnncohv\kztae\slsoo

Imports

kernel32

SetHandleCount
InitializeCriticalSectionAndSpinCount
GetOEMCP
InitializeCriticalSection
HeapFree
GlobalReAlloc
GetACP
GetLocaleInfoW
WideCharToMultiByte
GetStringTypeA
GetLogicalDriveStringsW
FlushFileBuffers
GetProcessHeap
GetCurrentProcess
LocalAlloc
LCMapStringW
LoadLibraryA
WriteProfileSectionA
SetConsoleCtrlHandler
GetUserDefaultLCID
GetSystemTimeAsFileTime
DeleteCriticalSection
GetProfileStringA
FileTimeToDosDateTime
SetConsoleCursorInfo
GetTimeZoneInformation
GetEnvironmentStringsW
TransactNamedPipe
CreateSemaphoreA
ReadFile
ReadConsoleOutputW
IsValidCodePage
GetCPInfo
GetConsoleCursorInfo
HeapReAlloc
SetEvent
SetLocaleInfoW
GetLongPathNameW
GetCompressedFileSizeW
GetStartupInfoA
GetWindowsDirectoryA
IsBadReadPtr
TlsFree
IsValidLocale
LCMapStringA
GetPriorityClass
VirtualQuery
TlsAlloc
RemoveDirectoryW
SetUnhandledExceptionFilter
FreeResource
WriteConsoleInputW
SetSystemTime
GetPrivateProfileSectionNamesW
UnhandledExceptionFilter
FreeLibrary
GetLocaleInfoA
WriteConsoleW
LocalFileTimeToFileTime
GetTickCount
CreateMutexA
CreateProcessA
HeapDestroy
lstrlenA
GetCurrentThread
DebugActiveProcess
VirtualFree
FreeEnvironmentStringsW
InterlockedIncrement
GetLongPathNameA
WriteConsoleA
GetConsoleMode
GlobalGetAtomNameA
GetStringTypeW
GetModuleFileNameA
IsDebuggerPresent
OpenMutexA
RtlUnwind
TerminateProcess
SetConsoleCursorPosition
CompareStringA
GetEnvironmentStrings
CreateFileA
WriteFile
TlsSetValue
LeaveCriticalSection
SetEnvironmentVariableA
OpenFileMappingW
HeapSize
OpenFileMappingA
EnumResourceNamesW
ExitProcess
GetVersionExA
GetCurrentProcessId
GetCurrencyFormatW
DebugBreak
SetConsoleCP
GetModuleHandleA
LocalLock
GlobalFindAtomW
SetFilePointer
GetWindowsDirectoryW
InterlockedDecrement
GetCurrentThreadId
CreateThread
SetComputerNameA
MultiByteToWideChar
EnumSystemLocalesA
EnumResourceNamesA
FillConsoleOutputCharacterW
HeapAlloc
Sleep
InterlockedExchange
ReadFileEx
GetTimeFormatA
LoadLibraryExA
GetProcAddress
GetConsoleCP
FindFirstFileW
SetCriticalSectionSpinCount
EnumCalendarInfoA
GetCommandLineA
EnterCriticalSection
GetFileType
MoveFileExA
CompareStringW
FlushConsoleInputBuffer
SetStdHandle
ReleaseSemaphore
FindClose
TlsGetValue
CloseHandle
RaiseException
GetConsoleOutputCP
SetCurrentDirectoryA
SetLastError
CreateToolhelp32Snapshot
GetNamedPipeHandleStateA
ReadConsoleInputA
OpenEventA
VirtualAlloc
GetStdHandle
GetLastError
HeapLock
GetDateFormatA
FreeEnvironmentStringsA
QueryPerformanceCounter
HeapCreate

gdi32

GetEnhMetaFileBits
CreateCompatibleBitmap
SelectPalette
Ellipse
GetSystemPaletteUse
Arc
PlayMetaFile
CreateEnhMetaFileW
FloodFill
GdiPlayJournal

advapi32

CryptReleaseContext
DuplicateToken
AbortSystemShutdownW
RegQueryValueExA
RevertToSelf
CryptEnumProvidersW
CryptVerifySignatureW
RegConnectRegistryA
CryptImportKey
LogonUserW
RegQueryInfoKeyW
GetUserNameA
CryptEncrypt
RegDeleteValueW
CryptEnumProviderTypesA
CryptExportKey
CreateServiceA
CryptSetProviderW

user32

ChangeMenuW
GetDCEx
VkKeyScanA
EnableMenuItem
GetGuiResources
wsprintfA
DragDetect
CloseWindowStation
DrawFrameControl
GetThreadDesktop
ChangeDisplaySettingsW
CountClipboardFormats
LoadCursorFromFileA
OemToCharA
InsertMenuA
DdeAddData
GetKeyboardLayout
DispatchMessageW
SetDlgItemTextW
CheckMenuItem
GetDC
DefWindowProcA
FreeDDElParam
SetCursorPos
DefWindowProcW
DestroyAcceleratorTable
FillRect
GetDialogBaseUnits
GetClipboardFormatNameW
InvalidateRect
UpdateWindow
IsChild
GetDlgItem
RealGetWindowClass
SetDoubleClickTime
CreatePopupMenu
CreateIcon
DdePostAdvise
ValidateRgn
GetTabbedTextExtentW
IsRectEmpty
LoadImageW
DlgDirSelectComboBoxExW
DlgDirSelectExA
SetCaretBlinkTime
VkKeyScanExA
RegisterClassW
CreateWindowExW
CreateDesktopA
ShowCursor
EnumDisplaySettingsA
SetSystemCursor
DdeConnect
DdeSetQualityOfService
RegisterClassA
DdeFreeDataHandle
DdeNameService
GetPropW
CreateDialogIndirectParamW
ShowWindowAsync
RemovePropW
WindowFromDC
IsDialogMessageW
EnableWindow
GetWindowThreadProcessId
GetComboBoxInfo
DdeImpersonateClient
GetCursor
DestroyWindow
MoveWindow
InternalGetWindowText
DrawStateW
MenuItemFromPoint
SetClassLongW
ShowWindow
SubtractRect
SetUserObjectInformationA
GetDlgItemTextA
GetScrollInfo
SetMenuContextHelpId
EndDialog
RegisterDeviceNotificationW
DrawIcon
DrawTextW
GetCaretPos
MessageBoxA
LoadMenuIndirectA
GetUpdateRgn
TrackMouseEvent
GetClassNameW
RegisterClassExA
ShowScrollBar
OpenDesktopA
RegisterClipboardFormatW
GetWindowPlacement
GetParent
GetProcessDefaultLayout
SetWinEventHook

comctl32

ImageList_GetIcon
CreateToolbar
InitMUILanguage
ImageList_SetImageCount
ImageList_DragShowNolock
CreateStatusWindow
DrawStatusTextW
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_SetOverlayImage
CreatePropertySheetPageW
DrawInsert
ImageList_LoadImage
InitCommonControlsEx

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6add2ccf817a980b6ed25efbb251fdb2

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

advapi32

user32

comctl32

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 112KB - Virtual size: 118KB

.rsrc Size: 56KB - Virtual size: 53KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 112KB - Virtual size: 118KB

.rsrc
Size: 56KB - Virtual size: 53KB