08d719d14d55443016d8221cf84eb66f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08d719d14d55443016d8221cf84eb66f_JaffaCakes118
Size

412KB
MD5

08d719d14d55443016d8221cf84eb66f
SHA1

0698cc5972936aa054d058f117bc1c8fde3332ba
SHA256

303edb9d387e49d4a1aec0f39d6500e0187b3c774920aaf2e1885e05e0641e2e
SHA512

ecf7ec3efe783cffa3e6a927a8020de318ccb5f3ecfe3b36215e6c4c0d68aabe326d21d74445c0401fa00742cb3aa4d753f8c142915bcbb8bd55b5ad573ea134
SSDEEP

6144:ESxPzOK+fuGanuHmDdJ8sDl1E87SzkCG5VZSPxSI7HwzgtgR/PlX+H:txofuGanHJ5RG8w64wQwpPlX+H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08d719d14d55443016d8221cf84eb66f_JaffaCakes118

Files

08d719d14d55443016d8221cf84eb66f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3306ad927b7811d002427118e1619e4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\vpbv\eefeefs\lflmai

Imports

comctl32

CreatePropertySheetPageA
InitCommonControlsEx
ImageList_SetImageCount
ImageList_GetIcon
ImageList_GetImageInfo

advapi32

RegQueryValueW
RegSetKeySecurity
RegReplaceKeyA
RegCreateKeyW
CryptExportKey
CryptGetUserKey
GetUserNameA
CryptDestroyHash
RegLoadKeyA
CryptSetProvParam
ReportEventW
RegDeleteKeyA
RegReplaceKeyW
CreateServiceW
LookupPrivilegeDisplayNameW
RegQueryValueExA
RegEnumKeyW
RegDeleteValueA
LookupPrivilegeNameW
CryptDeriveKey
RegSetValueW

wininet

UnlockUrlCacheEntryFileA
InternetOpenUrlW
ShowCertificate
InternetGetLastResponseInfoW

user32

DdeCreateStringHandleA
InsertMenuItemW
InvertRect
DrawFrameControl
DrawFrame
GetMenuItemCount
DdeQueryStringA
RemoveMenu
SetWindowsHookA
GetWindowInfo
GetUpdateRgn
GetWindowTextLengthW
TabbedTextOutA
TrackMouseEvent
ChangeDisplaySettingsW
DlgDirListA
GetNextDlgGroupItem
LoadCursorFromFileA
AppendMenuW
DdeSetUserHandle
IsRectEmpty
MonitorFromWindow
GetTabbedTextExtentA
ToAsciiEx
CopyIcon
RegisterWindowMessageA
AnyPopup
MessageBoxA
WindowFromPoint
GetClipboardOwner
GetClassWord
TileWindows
ShowCaret
OemToCharA
RegisterClassA
VkKeyScanExA
DefWindowProcA
HideCaret
ChangeMenuW
RegisterWindowMessageW
UnregisterClassW
GetMonitorInfoA
LoadAcceleratorsA
SetScrollPos
GetMessageA
CreateDialogIndirectParamW
GetProcessWindowStation
CreateCursor
DestroyCursor
EnumDesktopWindows
GetWindowRgn
SwitchToThisWindow
FindWindowW
GetAltTabInfo
CopyRect
GetKBCodePage
DdeUnaccessData
GetKeyboardLayoutNameA
CheckMenuRadioItem
SwapMouseButton
RegisterClipboardFormatW
UnregisterDeviceNotification
MessageBoxExW
RegisterClassExA
IsCharUpperW
SubtractRect
MessageBoxIndirectA
AdjustWindowRectEx
GetScrollPos
GetCaretBlinkTime
DeferWindowPos
DeleteMenu
LoadIconA
SetRectEmpty
IsZoomed
IsCharAlphaNumericW
wvsprintfW
DispatchMessageA
OpenWindowStationA
PeekMessageA
CreateAcceleratorTableW
EnumDesktopsA
EnumDesktopsW
DestroyWindow
RemovePropA
ChangeDisplaySettingsExA
CallNextHookEx
LoadIconW
DestroyAcceleratorTable
SendDlgItemMessageW
ModifyMenuA
GetDCEx
CreateDesktopW
CreateAcceleratorTableA
GetCaretPos
ImpersonateDdeClientWindow
CreateWindowExA
DdeConnectList
LookupIconIdFromDirectoryEx
ShowWindow
FillRect

shell32

ExtractAssociatedIconA

kernel32

GetCurrentProcess
GetDateFormatA
IsValidLocale
EnumSystemLocalesA
CloseHandle
HeapReAlloc
GetProcAddress
IsDebuggerPresent
EnterCriticalSection
RtlUnwind
GetConsoleOutputCP
TlsSetValue
GetCommandLineA
FreeEnvironmentStringsA
WriteFile
LCMapStringA
GetSystemTimeAsFileTime
SetFilePointer
GetLocaleInfoA
GetCurrentThreadId
TryEnterCriticalSection
SetUnhandledExceptionFilter
CompareStringA
GetUserDefaultLCID
GetCurrentProcessId
GetModuleFileNameA
LoadLibraryA
GetCPInfo
GetModuleHandleA
TlsGetValue
FreeLibrary
CompareStringW
GetTickCount
IsValidCodePage
SetConsoleCtrlHandler
GetEnvironmentStrings
WriteConsoleW
SetEnvironmentVariableA
SetLastError
HeapDestroy
GetEnvironmentStringsW
WriteConsoleA
VirtualFree
InterlockedExchange
DeleteCriticalSection
HeapSize
WideCharToMultiByte
ExitProcess
LCMapStringW
GetStartupInfoA
GetConsoleMode
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
HeapAlloc
GetCurrentThread
GetConsoleCP
LeaveCriticalSection
GetStringTypeA
HeapFree
ReadFile
Sleep
GetACP
GetLastError
QueryPerformanceCounter
GetModuleHandleW
GetTimeZoneInformation
FindFirstFileExA
GetStringTypeW
GetOEMCP
CreateFileA
VirtualAlloc
CreateMutexA
FreeEnvironmentStringsW
MultiByteToWideChar
FlushFileBuffers
GetFileType
SetStdHandle
GetStdHandle
VirtualQuery
TlsAlloc
SetHandleCount
InterlockedIncrement
HeapCreate
GetLocaleInfoW
TlsFree
LocalUnlock
GetTimeFormatA
OpenMutexA
UnhandledExceptionFilter
TerminateProcess

comdlg32

GetOpenFileNameW

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3306ad927b7811d002427118e1619e4d

Headers

File Characteristics

PDB Paths

Imports

comctl32

advapi32

wininet

user32

shell32

kernel32

comdlg32

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 100KB - Virtual size: 126KB

.rsrc Size: 44KB - Virtual size: 42KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 100KB - Virtual size: 126KB

.rsrc
Size: 44KB - Virtual size: 42KB