101ae71f9a9737ea7c2f0004d9ab93bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

101ae71f9a9737ea7c2f0004d9ab93bf_JaffaCakes118
Size

596KB
MD5

101ae71f9a9737ea7c2f0004d9ab93bf
SHA1

500fd923f95eb957edea8accbb76aef8e6ed0533
SHA256

21474ad01a38c4f4814279dbc656fea77058d668bca69d4a7254529b39713c9b
SHA512

b1a83262470c5c1c700f90d58a15af515bca816ed7b5d962f0f02f083d6c216b61041ce05f7e5bd83a07928845ca48e2dbaa4b5253a8a092fbb84ca3b7169a17
SSDEEP

12288:HYJWPT8tkSwYCbvyliI8RTy8uoyqQ8WINbFnEIfKm:HUG9eeXuMWINbP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
101ae71f9a9737ea7c2f0004d9ab93bf_JaffaCakes118

Files

101ae71f9a9737ea7c2f0004d9ab93bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78a83069bd51728b66ebcc3ef888d3f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\gzee\atkphcvee.pdb

Imports

user32

GetWindowInfo
CreateWindowStationA
GetScrollPos
CreatePopupMenu
SetMenuItemInfoA
SystemParametersInfoA
DeferWindowPos
CreateCaret
SetProcessDefaultLayout
IsDialogMessageW
SendDlgItemMessageW
IsCharAlphaW
LoadIconW
DefDlgProcW
ShowCaret
AnyPopup
GetWindowTextW
CallMsgFilterW
SetScrollRange
GetMenuStringA
CountClipboardFormats
SetProcessWindowStation
SetMenuItemInfoW
SetWindowWord
MessageBoxW
DrawFrame
GetClipboardFormatNameA
DefWindowProcW
SetLastErrorEx
GetMonitorInfoA
DlgDirListComboBoxA
GetDlgItemTextA
EnumWindowStationsA
EnumWindows
DragDetect
CheckMenuItem
GetClipboardSequenceNumber
DdeCreateDataHandle
DrawStateW
DrawTextW
LoadCursorFromFileW
TranslateMessage
RedrawWindow
IsCharLowerA
LookupIconIdFromDirectory
DragObject
IsWindowEnabled
CreateIcon
TranslateMDISysAccel
LoadAcceleratorsA
GetDCEx
CharToOemBuffW
GetSystemMetrics
LoadStringW
UnionRect
GetLastActivePopup
DdeImpersonateClient
SetDeskWallpaper
LoadBitmapW
CharNextW
OemToCharW
LoadBitmapA
GetAsyncKeyState
SetDlgItemTextW
WINNLSGetEnableStatus
MapWindowPoints
IsWindowUnicode
RegisterClassA
DdeGetData
EndDeferWindowPos
RegisterClassW
SetWindowTextW
CreateWindowExA
GetWindowTextLengthW
MessageBoxExW
ChangeDisplaySettingsW
DialogBoxIndirectParamW
LoadStringA
RegisterClassExA
SetWindowRgn
CopyIcon
MenuItemFromPoint
IsWindowVisible
SendIMEMessageExA
EnumChildWindows
SetDebugErrorLevel
GetCursorInfo
CreateDesktopA
DlgDirListW
WindowFromDC
GetMenuItemInfoW
DeleteMenu
ImpersonateDdeClientWindow
TranslateAcceleratorA
DrawTextExW
GetMenuBarInfo
DestroyWindow
ChangeDisplaySettingsA
GetWindowDC
DdeConnect
GetClipboardViewer
DrawCaption
ShowWindow
FindWindowW
EnumPropsA

advapi32

LogonUserA
CryptDestroyHash
RegNotifyChangeKeyValue
RegQueryInfoKeyA
RegEnumKeyW
StartServiceA
CryptDuplicateKey
InitializeSecurityDescriptor
CryptGetHashParam
LogonUserW
RegLoadKeyW
CryptSetProviderA
CryptHashSessionKey
RegRestoreKeyA
RegEnumKeyExW
LookupPrivilegeValueA
RegSetValueExW
CryptAcquireContextA
RevertToSelf

comctl32

CreateStatusWindow
ImageList_SetFilter
ImageList_BeginDrag
DrawStatusTextW
MakeDragList
ImageList_GetIconSize
InitCommonControlsEx
ImageList_GetFlags
ImageList_GetBkColor
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Add
DrawInsert
CreateToolbar
ImageList_SetBkColor
CreateStatusWindowW
ImageList_Replace
CreateMappedBitmap
ImageList_SetOverlayImage
ImageList_Destroy

kernel32

MultiByteToWideChar
SetSystemTime
GlobalSize
GetTimeZoneInformation
IsValidCodePage
GetEnvironmentStringsW
IsValidLocale
EnumSystemLocalesA
CloseHandle
CompareStringA
SetHandleCount
FindFirstFileExW
DebugBreak
SetLocaleInfoA
GetModuleFileNameA
ExitProcess
InterlockedIncrement
CreateToolhelp32Snapshot
FreeEnvironmentStringsW
LoadLibraryA
WideCharToMultiByte
SetConsoleCursorPosition
LocalFlags
GetProcAddress
WriteFile
GetCurrentThreadId
LocalLock
HeapAlloc
GetLastError
VirtualQuery
GetStartupInfoW
GetOEMCP
Sleep
ReadConsoleOutputAttribute
SetConsoleWindowInfo
FreeLibrary
GetStartupInfoA
GetCPInfo
WriteConsoleA
GetACP
HeapDestroy
TlsAlloc
GetUserDefaultLCID
SetLastError
CreateFileA
HeapCreate
ReadFile
GetCurrentProcess
GetLocaleInfoA
GetConsoleOutputCP
GetStdHandle
SetStdHandle
IsDebuggerPresent
GetModuleFileNameW
UnhandledExceptionFilter
QueryPerformanceCounter
MoveFileExW
WritePrivateProfileStructA
SetFilePointer
GetModuleHandleW
GetTimeFormatA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
InterlockedExchange
LCMapStringA
SetEnvironmentVariableA
VirtualFree
GetCurrentProcessId
OpenMutexA
TlsFree
GetCommandLineW
CreateMutexA
LCMapStringW
GetTickCount
HeapReAlloc
GetCommandLineA
EnumDateFormatsW
SetConsoleCtrlHandler
FlushFileBuffers
HeapFree
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetConsoleMode
DeleteCriticalSection
GetModuleHandleA
GetFileType
DeleteFiber
TlsSetValue
GetStringTypeW
GetStringTypeA
CompareStringW
LoadLibraryExW
GetCurrentThread
InterlockedDecrement
TlsGetValue
EnterCriticalSection
VirtualAlloc
CreateDirectoryA
HeapSize
TerminateProcess
LeaveCriticalSection
GetLocaleInfoW
GetDateFormatA
RtlUnwind
GetConsoleCP

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78a83069bd51728b66ebcc3ef888d3f9

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

comctl32

kernel32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 112KB - Virtual size: 125KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 112KB - Virtual size: 125KB

.rsrc
Size: 44KB - Virtual size: 40KB